/src/lzma-fuzz/sdk/C/Sha256.c

Source
/* Crypto/Sha256.c -- SHA-256 Hash
2017-04-03 : Igor Pavlov : Public domain
This code is based on public domain code from Wei Dai's Crypto++ library. */

#include "Precomp.h"

#include <string.h>

#include "CpuArch.h"
#include "RotateDefs.h"
#include "Sha256.h"

/* define it for speed optimization */
#ifndef _SFX
#define _SHA256_UNROLL
#define _SHA256_UNROLL2
#endif

/* #define _SHA256_UNROLL2 */

void Sha256_Init(CSha256 *p)
{
  p->state[0] = 0x6a09e667;
  p->state[1] = 0xbb67ae85;
  p->state[2] = 0x3c6ef372;
  p->state[3] = 0xa54ff53a;
  p->state[4] = 0x510e527f;
  p->state[5] = 0x9b05688c;
  p->state[6] = 0x1f83d9ab;
  p->state[7] = 0x5be0cd19;
  p->count = 0;
}

#define S0(x) (rotrFixed(x, 2) ^ rotrFixed(x,13) ^ rotrFixed(x, 22))
#define S1(x) (rotrFixed(x, 6) ^ rotrFixed(x,11) ^ rotrFixed(x, 25))
#define s0(x) (rotrFixed(x, 7) ^ rotrFixed(x,18) ^ (x >> 3))
#define s1(x) (rotrFixed(x,17) ^ rotrFixed(x,19) ^ (x >> 10))

#define blk0(i) (W[i])
#define blk2(i) (W[i] += s1(W[((i)-2)&15]) + W[((i)-7)&15] + s0(W[((i)-15)&15]))

#define Ch(x,y,z) (z^(x&(y^z)))
#define Maj(x,y,z) ((x&y)|(z&(x|y)))

#ifdef _SHA256_UNROLL2

#define R(a,b,c,d,e,f,g,h, i) \
    h += S1(e) + Ch(e,f,g) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
    d += h; \
    h += S0(a) + Maj(a, b, c)

#define RX_8(i) \
  R(a,b,c,d,e,f,g,h, i); \
  R(h,a,b,c,d,e,f,g, i+1); \
  R(g,h,a,b,c,d,e,f, i+2); \
  R(f,g,h,a,b,c,d,e, i+3); \
  R(e,f,g,h,a,b,c,d, i+4); \
  R(d,e,f,g,h,a,b,c, i+5); \
  R(c,d,e,f,g,h,a,b, i+6); \
  R(b,c,d,e,f,g,h,a, i+7)

#define RX_16  RX_8(0); RX_8(8);

#else

#define a(i) T[(0-(i))&7]
#define b(i) T[(1-(i))&7]
#define c(i) T[(2-(i))&7]
#define d(i) T[(3-(i))&7]
#define e(i) T[(4-(i))&7]
#define f(i) T[(5-(i))&7]
#define g(i) T[(6-(i))&7]
#define h(i) T[(7-(i))&7]

#define R(i) \
    h(i) += S1(e(i)) + Ch(e(i),f(i),g(i)) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
    d(i) += h(i); \
    h(i) += S0(a(i)) + Maj(a(i), b(i), c(i)) \

#ifdef _SHA256_UNROLL

#define RX_8(i)  R(i+0); R(i+1); R(i+2); R(i+3); R(i+4); R(i+5); R(i+6); R(i+7);
#define RX_16  RX_8(0); RX_8(8);

#else

#define RX_16  unsigned i; for (i = 0; i < 16; i++) { R(i); }

#endif

#endif

static const UInt32 K[64] = {
  0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
  0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
  0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
  0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
  0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
  0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
  0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
  0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
  0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
  0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
  0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
  0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
  0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
  0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
  0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
  0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};

static void Sha256_WriteByteBlock(CSha256 *p)
{
  UInt32 W[16];
  unsigned j;
  UInt32 *state;

  #ifdef _SHA256_UNROLL2
  UInt32 a,b,c,d,e,f,g,h;
  #else
  UInt32 T[8];
  #endif

  for (j = 0; j < 16; j += 4)
  {
    const Byte *ccc = p->buffer + j * 4;
    W[j    ] = GetBe32(ccc);
    W[j + 1] = GetBe32(ccc + 4);
    W[j + 2] = GetBe32(ccc + 8);
    W[j + 3] = GetBe32(ccc + 12);
  }

  state = p->state;

  #ifdef _SHA256_UNROLL2
  a = state[0];
  b = state[1];
  c = state[2];
  d = state[3];
  e = state[4];
  f = state[5];
  g = state[6];
  h = state[7];
  #else
  for (j = 0; j < 8; j++)
    T[j] = state[j];
  #endif

  for (j = 0; j < 64; j += 16)
  {
    RX_16
  }

  #ifdef _SHA256_UNROLL2
  state[0] += a;
  state[1] += b;
  state[2] += c;
  state[3] += d;
  state[4] += e;
  state[5] += f;
  state[6] += g;
  state[7] += h;
  #else
  for (j = 0; j < 8; j++)
    state[j] += T[j];
  #endif
  
  /* Wipe variables */
  /* memset(W, 0, sizeof(W)); */
  /* memset(T, 0, sizeof(T)); */
}

#undef S0
#undef S1
#undef s0
#undef s1

void Sha256_Update(CSha256 *p, const Byte *data, size_t size)
{
  if (size == 0)
    return;

  {
    unsigned pos = (unsigned)p->count & 0x3F;
    unsigned num;
    
    p->count += size;
    
    num = 64 - pos;
    if (num > size)
    {
      memcpy(p->buffer + pos, data, size);
      return;
    }
    
    size -= num;
    memcpy(p->buffer + pos, data, num);
    data += num;
  }

  for (;;)
  {
    Sha256_WriteByteBlock(p);
    if (size < 64)
      break;
    size -= 64;
    memcpy(p->buffer, data, 64);
    data += 64;
  }

  if (size != 0)
    memcpy(p->buffer, data, size);
}

void Sha256_Final(CSha256 *p, Byte *digest)
{
  unsigned pos = (unsigned)p->count & 0x3F;
  unsigned i;
  
  p->buffer[pos++] = 0x80;
  
  while (pos != (64 - 8))
  {
    pos &= 0x3F;
    if (pos == 0)
      Sha256_WriteByteBlock(p);
    p->buffer[pos++] = 0;
  }

  {
    UInt64 numBits = (p->count << 3);
    SetBe32(p->buffer + 64 - 8, (UInt32)(numBits >> 32));
    SetBe32(p->buffer + 64 - 4, (UInt32)(numBits));
  }
  
  Sha256_WriteByteBlock(p);

  for (i = 0; i < 8; i += 2)
  {
    UInt32 v0 = p->state[i];
    UInt32 v1 = p->state[i + 1];
    SetBe32(digest    , v0);
    SetBe32(digest + 4, v1);
    digest += 8;
  }
  
  Sha256_Init(p);
}

Coverage Report

Created: 2025-10-28 06:07

Line	Count	Source
1		/* Crypto/Sha256.c -- SHA-256 Hash
2		2017-04-03 : Igor Pavlov : Public domain
3		This code is based on public domain code from Wei Dai's Crypto++ library. */
4
5		#include "Precomp.h"
6
7		#include <string.h>
8
9		#include "CpuArch.h"
10		#include "RotateDefs.h"
11		#include "Sha256.h"
12
13		/* define it for speed optimization */
14		#ifndef _SFX
15		#define _SHA256_UNROLL
16		#define _SHA256_UNROLL2
17		#endif
18
19		/* #define _SHA256_UNROLL2 */
20
21		void Sha256_Init(CSha256 *p)
22	27.8k	{
23	27.8k	p->state[0] = 0x6a09e667;
24	27.8k	p->state[1] = 0xbb67ae85;
25	27.8k	p->state[2] = 0x3c6ef372;
26	27.8k	p->state[3] = 0xa54ff53a;
27	27.8k	p->state[4] = 0x510e527f;
28	27.8k	p->state[5] = 0x9b05688c;
29	27.8k	p->state[6] = 0x1f83d9ab;
30	27.8k	p->state[7] = 0x5be0cd19;
31	27.8k	p->count = 0;
32	27.8k	}
33
34	124M	#define S0(x) (rotrFixed(x, 2) ^ rotrFixed(x,13) ^ rotrFixed(x, 22))
35	124M	#define S1(x) (rotrFixed(x, 6) ^ rotrFixed(x,11) ^ rotrFixed(x, 25))
36	93.3M	#define s0(x) (rotrFixed(x, 7) ^ rotrFixed(x,18) ^ (x >> 3))
37	93.3M	#define s1(x) (rotrFixed(x,17) ^ rotrFixed(x,19) ^ (x >> 10))
38
39	31.1M	#define blk0(i) (W[i])
40	93.3M	#define blk2(i) (W[i] += s1(W[((i)-2)&15]) + W[((i)-7)&15] + s0(W[((i)-15)&15]))
41
42	124M	#define Ch(x,y,z) (z^(x&(y^z)))
43	124M	#define Maj(x,y,z) ((x&y)\|(z&(x\|y)))
44
45		#ifdef _SHA256_UNROLL2
46
47		#define R(a,b,c,d,e,f,g,h, i) \
48	124M	h += S1(e) + Ch(e,f,g) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
49	124M	d += h; \
50	124M	h += S0(a) + Maj(a, b, c)
51
52		#define RX_8(i) \
53	15.5M	R(a,b,c,d,e,f,g,h, i); \
54	15.5M	R(h,a,b,c,d,e,f,g, i+1); \
55	15.5M	R(g,h,a,b,c,d,e,f, i+2); \
56	15.5M	R(f,g,h,a,b,c,d,e, i+3); \
57	15.5M	R(e,f,g,h,a,b,c,d, i+4); \
58	15.5M	R(d,e,f,g,h,a,b,c, i+5); \
59	15.5M	R(c,d,e,f,g,h,a,b, i+6); \
60	15.5M	R(b,c,d,e,f,g,h,a, i+7)
61
62	7.77M	#define RX_16 RX_8(0); RX_8(8);
63
64		#else
65
66		#define a(i) T[(0-(i))&7]
67		#define b(i) T[(1-(i))&7]
68		#define c(i) T[(2-(i))&7]
69		#define d(i) T[(3-(i))&7]
70		#define e(i) T[(4-(i))&7]
71		#define f(i) T[(5-(i))&7]
72		#define g(i) T[(6-(i))&7]
73		#define h(i) T[(7-(i))&7]
74
75		#define R(i) \
76		h(i) += S1(e(i)) + Ch(e(i),f(i),g(i)) + K[(i)+(size_t)(j)] + (j ? blk2(i) : blk0(i)); \
77		d(i) += h(i); \
78		h(i) += S0(a(i)) + Maj(a(i), b(i), c(i)) \
79
80		#ifdef _SHA256_UNROLL
81
82		#define RX_8(i) R(i+0); R(i+1); R(i+2); R(i+3); R(i+4); R(i+5); R(i+6); R(i+7);
83		#define RX_16 RX_8(0); RX_8(8);
84
85		#else
86
87		#define RX_16 unsigned i; for (i = 0; i < 16; i++) { R(i); }
88
89		#endif
90
91		#endif
92
93		static const UInt32 K[64] = {
94		0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
95		0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
96		0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
97		0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
98		0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
99		0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
100		0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
101		0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
102		0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
103		0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
104		0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
105		0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
106		0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
107		0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
108		0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
109		0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
110		};
111
112		static void Sha256_WriteByteBlock(CSha256 *p)
113	1.94M	{
114	1.94M	UInt32 W[16];
115	1.94M	unsigned j;
116	1.94M	UInt32 *state;
117
118	1.94M	#ifdef _SHA256_UNROLL2
119	1.94M	UInt32 a,b,c,d,e,f,g,h;
120		#else
121		UInt32 T[8];
122		#endif
123
124	9.72M	for (j = 0; j < 16; j += 4)
125	7.77M	{
126	7.77M	const Byte ccc = p->buffer + j 4;
127	7.77M	W[j ] = GetBe32(ccc);
128	7.77M	W[j + 1] = GetBe32(ccc + 4);
129	7.77M	W[j + 2] = GetBe32(ccc + 8);
130	7.77M	W[j + 3] = GetBe32(ccc + 12);
131	7.77M	}
132
133	1.94M	state = p->state;
134
135	1.94M	#ifdef _SHA256_UNROLL2
136	1.94M	a = state[0];
137	1.94M	b = state[1];
138	1.94M	c = state[2];
139	1.94M	d = state[3];
140	1.94M	e = state[4];
141	1.94M	f = state[5];
142	1.94M	g = state[6];
143	1.94M	h = state[7];
144		#else
145		for (j = 0; j < 8; j++)
146		T[j] = state[j];
147		#endif
148
149	9.72M	for (j = 0; j < 64; j += 16)
150	7.77M	{
151	7.77M	RX_16
152	7.77M	}
153
154	1.94M	#ifdef _SHA256_UNROLL2
155	1.94M	state[0] += a;
156	1.94M	state[1] += b;
157	1.94M	state[2] += c;
158	1.94M	state[3] += d;
159	1.94M	state[4] += e;
160	1.94M	state[5] += f;
161	1.94M	state[6] += g;
162	1.94M	state[7] += h;
163		#else
164		for (j = 0; j < 8; j++)
165		state[j] += T[j];
166		#endif
167
168		/* Wipe variables */
169		/* memset(W, 0, sizeof(W)); */
170		/* memset(T, 0, sizeof(T)); */
171	1.94M	}
172
173		#undef S0
174		#undef S1
175		#undef s0
176		#undef s1
177
178		void Sha256_Update(CSha256 p, const Byte data, size_t size)
179	14.6k	{
180	14.6k	if (size == 0)
181	622	return;
182
183	14.0k	{
184	14.0k	unsigned pos = (unsigned)p->count & 0x3F;
185	14.0k	unsigned num;
186
187	14.0k	p->count += size;
188
189	14.0k	num = 64 - pos;
190	14.0k	if (num > size)
191	13.1k	{
192	13.1k	memcpy(p->buffer + pos, data, size);
193	13.1k	return;
194	13.1k	}
195
196	879	size -= num;
197	879	memcpy(p->buffer + pos, data, num);
198	879	data += num;
199	879	}
200
201	0	for (;;)
202	1.93M	{
203	1.93M	Sha256_WriteByteBlock(p);
204	1.93M	if (size < 64)
205	879	break;
206	1.92M	size -= 64;
207	1.92M	memcpy(p->buffer, data, 64);
208	1.92M	data += 64;
209	1.92M	}
210
211	879	if (size != 0)
212	764	memcpy(p->buffer, data, size);
213	879	}
214
215		void Sha256_Final(CSha256 p, Byte digest)
216	13.9k	{
217	13.9k	unsigned pos = (unsigned)p->count & 0x3F;
218	13.9k	unsigned i;
219
220	13.9k	p->buffer[pos++] = 0x80;
221
222	719k	while (pos != (64 - 8))
223	705k	{
224	705k	pos &= 0x3F;
225	705k	if (pos == 0)
226	108	Sha256_WriteByteBlock(p);
227	705k	p->buffer[pos++] = 0;
228	705k	}
229
230	13.9k	{
231	13.9k	UInt64 numBits = (p->count << 3);
232	13.9k	SetBe32(p->buffer + 64 - 8, (UInt32)(numBits >> 32));
233	13.9k	SetBe32(p->buffer + 64 - 4, (UInt32)(numBits));
234	13.9k	}
235
236	13.9k	Sha256_WriteByteBlock(p);
237
238	69.5k	for (i = 0; i < 8; i += 2)
239	55.6k	{
240	55.6k	UInt32 v0 = p->state[i];
241	55.6k	UInt32 v1 = p->state[i + 1];
242	55.6k	SetBe32(digest , v0);
243	55.6k	SetBe32(digest + 4, v1);
244	55.6k	digest += 8;
245	55.6k	}
246
247	13.9k	Sha256_Init(p);
248	13.9k	}