/src/openssl111/include/crypto/md32_common.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /*- |
11 | | * This is a generic 32 bit "collector" for message digest algorithms. |
12 | | * Whenever needed it collects input character stream into chunks of |
13 | | * 32 bit values and invokes a block function that performs actual hash |
14 | | * calculations. |
15 | | * |
16 | | * Porting guide. |
17 | | * |
18 | | * Obligatory macros: |
19 | | * |
20 | | * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN |
21 | | * this macro defines byte order of input stream. |
22 | | * HASH_CBLOCK |
23 | | * size of a unit chunk HASH_BLOCK operates on. |
24 | | * HASH_LONG |
25 | | * has to be at least 32 bit wide. |
26 | | * HASH_CTX |
27 | | * context structure that at least contains following |
28 | | * members: |
29 | | * typedef struct { |
30 | | * ... |
31 | | * HASH_LONG Nl,Nh; |
32 | | * either { |
33 | | * HASH_LONG data[HASH_LBLOCK]; |
34 | | * unsigned char data[HASH_CBLOCK]; |
35 | | * }; |
36 | | * unsigned int num; |
37 | | * ... |
38 | | * } HASH_CTX; |
39 | | * data[] vector is expected to be zeroed upon first call to |
40 | | * HASH_UPDATE. |
41 | | * HASH_UPDATE |
42 | | * name of "Update" function, implemented here. |
43 | | * HASH_TRANSFORM |
44 | | * name of "Transform" function, implemented here. |
45 | | * HASH_FINAL |
46 | | * name of "Final" function, implemented here. |
47 | | * HASH_BLOCK_DATA_ORDER |
48 | | * name of "block" function capable of treating *unaligned* input |
49 | | * message in original (data) byte order, implemented externally. |
50 | | * HASH_MAKE_STRING |
51 | | * macro converting context variables to an ASCII hash string. |
52 | | * |
53 | | * MD5 example: |
54 | | * |
55 | | * #define DATA_ORDER_IS_LITTLE_ENDIAN |
56 | | * |
57 | | * #define HASH_LONG MD5_LONG |
58 | | * #define HASH_CTX MD5_CTX |
59 | | * #define HASH_CBLOCK MD5_CBLOCK |
60 | | * #define HASH_UPDATE MD5_Update |
61 | | * #define HASH_TRANSFORM MD5_Transform |
62 | | * #define HASH_FINAL MD5_Final |
63 | | * #define HASH_BLOCK_DATA_ORDER md5_block_data_order |
64 | | */ |
65 | | |
66 | | #include <openssl/crypto.h> |
67 | | |
68 | | #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
69 | | # error "DATA_ORDER must be defined!" |
70 | | #endif |
71 | | |
72 | | #ifndef HASH_CBLOCK |
73 | | # error "HASH_CBLOCK must be defined!" |
74 | | #endif |
75 | | #ifndef HASH_LONG |
76 | | # error "HASH_LONG must be defined!" |
77 | | #endif |
78 | | #ifndef HASH_CTX |
79 | | # error "HASH_CTX must be defined!" |
80 | | #endif |
81 | | |
82 | | #ifndef HASH_UPDATE |
83 | | # error "HASH_UPDATE must be defined!" |
84 | | #endif |
85 | | #ifndef HASH_TRANSFORM |
86 | | # error "HASH_TRANSFORM must be defined!" |
87 | | #endif |
88 | | #ifndef HASH_FINAL |
89 | | # error "HASH_FINAL must be defined!" |
90 | | #endif |
91 | | |
92 | | #ifndef HASH_BLOCK_DATA_ORDER |
93 | | # error "HASH_BLOCK_DATA_ORDER must be defined!" |
94 | | #endif |
95 | | |
96 | 0 | #define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) |
97 | | |
98 | | #if defined(DATA_ORDER_IS_BIG_ENDIAN) |
99 | | |
100 | 0 | # define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ |
101 | 0 | l|=(((unsigned long)(*((c)++)))<<16), \ |
102 | 0 | l|=(((unsigned long)(*((c)++)))<< 8), \ |
103 | 0 | l|=(((unsigned long)(*((c)++))) ) ) |
104 | 0 | # define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ |
105 | 0 | *((c)++)=(unsigned char)(((l)>>16)&0xff), \ |
106 | 0 | *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ |
107 | 0 | *((c)++)=(unsigned char)(((l) )&0xff), \ |
108 | 0 | l) |
109 | | |
110 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
111 | | |
112 | 0 | # define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ |
113 | 0 | l|=(((unsigned long)(*((c)++)))<< 8), \ |
114 | 0 | l|=(((unsigned long)(*((c)++)))<<16), \ |
115 | 0 | l|=(((unsigned long)(*((c)++)))<<24) ) |
116 | 0 | # define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ |
117 | 0 | *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ |
118 | 0 | *((c)++)=(unsigned char)(((l)>>16)&0xff), \ |
119 | 0 | *((c)++)=(unsigned char)(((l)>>24)&0xff), \ |
120 | 0 | l) |
121 | | |
122 | | #endif |
123 | | |
124 | | /* |
125 | | * Time for some action :-) |
126 | | */ |
127 | | |
128 | | int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) |
129 | 0 | { |
130 | 0 | const unsigned char *data = data_; |
131 | 0 | unsigned char *p; |
132 | 0 | HASH_LONG l; |
133 | 0 | size_t n; |
134 | |
|
135 | 0 | if (len == 0) |
136 | 0 | return 1; |
137 | | |
138 | 0 | l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL; |
139 | 0 | if (l < c->Nl) /* overflow */ |
140 | 0 | c->Nh++; |
141 | 0 | c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on |
142 | | * 16-bit */ |
143 | 0 | c->Nl = l; |
144 | |
|
145 | 0 | n = c->num; |
146 | 0 | if (n != 0) { |
147 | 0 | p = (unsigned char *)c->data; |
148 | |
|
149 | 0 | if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { |
150 | 0 | memcpy(p + n, data, HASH_CBLOCK - n); |
151 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); |
152 | 0 | n = HASH_CBLOCK - n; |
153 | 0 | data += n; |
154 | 0 | len -= n; |
155 | 0 | c->num = 0; |
156 | | /* |
157 | | * We use memset rather than OPENSSL_cleanse() here deliberately. |
158 | | * Using OPENSSL_cleanse() here could be a performance issue. It |
159 | | * will get properly cleansed on finalisation so this isn't a |
160 | | * security problem. |
161 | | */ |
162 | 0 | memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ |
163 | 0 | } else { |
164 | 0 | memcpy(p + n, data, len); |
165 | 0 | c->num += (unsigned int)len; |
166 | 0 | return 1; |
167 | 0 | } |
168 | 0 | } |
169 | | |
170 | 0 | n = len / HASH_CBLOCK; |
171 | 0 | if (n > 0) { |
172 | 0 | HASH_BLOCK_DATA_ORDER(c, data, n); |
173 | 0 | n *= HASH_CBLOCK; |
174 | 0 | data += n; |
175 | 0 | len -= n; |
176 | 0 | } |
177 | |
|
178 | 0 | if (len != 0) { |
179 | 0 | p = (unsigned char *)c->data; |
180 | 0 | c->num = (unsigned int)len; |
181 | 0 | memcpy(p, data, len); |
182 | 0 | } |
183 | 0 | return 1; |
184 | 0 | } Unexecuted instantiation: MD4_Update Unexecuted instantiation: MD5_Update Unexecuted instantiation: RIPEMD160_Update Unexecuted instantiation: SHA1_Update Unexecuted instantiation: SHA256_Update Unexecuted instantiation: sm3_update |
185 | | |
186 | | void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data) |
187 | 0 | { |
188 | 0 | HASH_BLOCK_DATA_ORDER(c, data, 1); |
189 | 0 | } Unexecuted instantiation: MD4_Transform Unexecuted instantiation: MD5_Transform Unexecuted instantiation: RIPEMD160_Transform Unexecuted instantiation: SHA1_Transform Unexecuted instantiation: SHA256_Transform Unexecuted instantiation: sm3_transform |
190 | | |
191 | | int HASH_FINAL(unsigned char *md, HASH_CTX *c) |
192 | 0 | { |
193 | 0 | unsigned char *p = (unsigned char *)c->data; |
194 | 0 | size_t n = c->num; |
195 | |
|
196 | 0 | p[n] = 0x80; /* there is always room for one */ |
197 | 0 | n++; |
198 | |
|
199 | 0 | if (n > (HASH_CBLOCK - 8)) { |
200 | 0 | memset(p + n, 0, HASH_CBLOCK - n); |
201 | 0 | n = 0; |
202 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); |
203 | 0 | } |
204 | 0 | memset(p + n, 0, HASH_CBLOCK - 8 - n); |
205 | |
|
206 | 0 | p += HASH_CBLOCK - 8; |
207 | | #if defined(DATA_ORDER_IS_BIG_ENDIAN) |
208 | 0 | (void)HOST_l2c(c->Nh, p); |
209 | 0 | (void)HOST_l2c(c->Nl, p); |
210 | | #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) |
211 | 0 | (void)HOST_l2c(c->Nl, p); |
212 | 0 | (void)HOST_l2c(c->Nh, p); |
213 | | #endif |
214 | 0 | p -= HASH_CBLOCK; |
215 | 0 | HASH_BLOCK_DATA_ORDER(c, p, 1); |
216 | 0 | c->num = 0; |
217 | 0 | OPENSSL_cleanse(p, HASH_CBLOCK); |
218 | |
|
219 | | #ifndef HASH_MAKE_STRING |
220 | | # error "HASH_MAKE_STRING must be defined!" |
221 | | #else |
222 | 0 | HASH_MAKE_STRING(c, md); |
223 | 0 | #endif |
224 | | |
225 | 0 | return 1; |
226 | 0 | } Unexecuted instantiation: MD4_Final Unexecuted instantiation: MD5_Final Unexecuted instantiation: RIPEMD160_Final Unexecuted instantiation: SHA1_Final Unexecuted instantiation: SHA256_Final Unexecuted instantiation: sm3_final |
227 | | |
228 | | #ifndef MD32_REG_T |
229 | | # if defined(__alpha) || defined(__sparcv9) || defined(__mips) |
230 | | # define MD32_REG_T long |
231 | | /* |
232 | | * This comment was originally written for MD5, which is why it |
233 | | * discusses A-D. But it basically applies to all 32-bit digests, |
234 | | * which is why it was moved to common header file. |
235 | | * |
236 | | * In case you wonder why A-D are declared as long and not |
237 | | * as MD5_LONG. Doing so results in slight performance |
238 | | * boost on LP64 architectures. The catch is we don't |
239 | | * really care if 32 MSBs of a 64-bit register get polluted |
240 | | * with eventual overflows as we *save* only 32 LSBs in |
241 | | * *either* case. Now declaring 'em long excuses the compiler |
242 | | * from keeping 32 MSBs zeroed resulting in 13% performance |
243 | | * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. |
244 | | * Well, to be honest it should say that this *prevents* |
245 | | * performance degradation. |
246 | | */ |
247 | | # else |
248 | | /* |
249 | | * Above is not absolute and there are LP64 compilers that |
250 | | * generate better code if MD32_REG_T is defined int. The above |
251 | | * pre-processor condition reflects the circumstances under which |
252 | | * the conclusion was made and is subject to further extension. |
253 | | */ |
254 | | # define MD32_REG_T int |
255 | | # endif |
256 | | #endif |