2 * Copyright (C) 2011-2012 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS.
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
23 #include <gnutls_errors.h>
24 #include <gnutls_int.h>
25 #include <gnutls/crypto.h>
26 #include <gnutls_errors.h>
28 #include <nettle/sha.h>
29 #include <nettle/macros.h>
30 #include <nettle/nettle-meta.h>
34 void sha1_block_data_order(void *c, const void *p, size_t len);
35 void sha256_block_data_order(void *c, const void *p, size_t len);
36 void sha512_block_data_order(void *c, const void *p, size_t len);
38 typedef void (*update_func) (void *, unsigned, const uint8_t *);
39 typedef void (*digest_func) (void *, unsigned, uint8_t *);
40 typedef void (*set_key_func) (void *, unsigned, const uint8_t *);
41 typedef void (*init_func) (void *);
46 struct sha224_ctx sha224;
47 struct sha256_ctx sha256;
49 struct sha384_ctx sha384;
50 struct sha512_ctx sha512;
54 gnutls_digest_algorithm_t algo;
62 wrap_x86_hash_update(void *_ctx, const void *text, size_t textsize)
64 struct x86_hash_ctx *ctx = _ctx;
66 ctx->update(ctx->ctx_ptr, textsize, text);
68 return GNUTLS_E_SUCCESS;
71 static void wrap_x86_hash_deinit(void *hd)
76 void x86_sha1_update(struct sha1_ctx *ctx, size_t length,
80 uint32_t h0, h1, h2, h3, h4;
88 if ((res = ctx->index)) {
89 res = SHA1_DATA_SIZE - res;
92 sha1_update(ctx, res, data);
97 octx.h0 = ctx->state[0];
98 octx.h1 = ctx->state[1];
99 octx.h2 = ctx->state[2];
100 octx.h3 = ctx->state[3];
101 octx.h4 = ctx->state[4];
103 memcpy(octx.data, ctx->block, SHA1_DATA_SIZE);
104 octx.num = ctx->index;
106 res = length % SHA1_DATA_SIZE;
111 t2 = length / SHA1_DATA_SIZE;
113 sha1_block_data_order(&octx, data, t2);
120 ctx->state[0] = octx.h0;
121 ctx->state[1] = octx.h1;
122 ctx->state[2] = octx.h2;
123 ctx->state[3] = octx.h3;
124 ctx->state[4] = octx.h4;
126 memcpy(ctx->block, octx.data, octx.num);
127 ctx->index = octx.num;
130 sha1_update(ctx, res, data);
135 void x86_sha256_update(struct sha256_ctx *ctx, size_t length,
136 const uint8_t * data)
148 if ((res = ctx->index)) {
149 res = SHA256_DATA_SIZE - res;
152 sha256_update(ctx, res, data);
157 memcpy(octx.h, ctx->state, sizeof(octx.h));
158 memcpy(octx.data, ctx->block, SHA256_DATA_SIZE);
159 octx.num = ctx->index;
161 res = length % SHA256_DATA_SIZE;
165 t2 = length / SHA1_DATA_SIZE;
166 sha256_block_data_order(&octx, data, t2);
173 memcpy(ctx->state, octx.h, sizeof(octx.h));
175 memcpy(ctx->block, octx.data, octx.num);
176 ctx->index = octx.num;
179 sha256_update(ctx, res, data);
184 void x86_sha512_update(struct sha512_ctx *ctx, size_t length,
185 const uint8_t * data)
200 if ((res = ctx->index)) {
201 res = SHA512_DATA_SIZE - res;
204 sha512_update(ctx, res, data);
209 memcpy(octx.h, ctx->state, sizeof(octx.h));
210 memcpy(octx.u.p, ctx->block, SHA512_DATA_SIZE);
211 octx.num = ctx->index;
213 res = length % SHA512_DATA_SIZE;
217 t2 = length / SHA512_DATA_SIZE;
218 sha512_block_data_order(&octx, data, t2);
225 memcpy(ctx->state, octx.h, sizeof(octx.h));
227 memcpy(ctx->block, octx.u.p, octx.num);
228 ctx->index = octx.num;
231 sha512_update(ctx, res, data);
236 static int _ctx_init(gnutls_digest_algorithm_t algo,
237 struct x86_hash_ctx *ctx)
240 case GNUTLS_DIG_SHA1:
241 sha1_init(&ctx->ctx.sha1);
242 ctx->update = (update_func) x86_sha1_update;
243 ctx->digest = (digest_func) sha1_digest;
244 ctx->init = (init_func) sha1_init;
245 ctx->ctx_ptr = &ctx->ctx.sha1;
246 ctx->length = SHA1_DIGEST_SIZE;
248 case GNUTLS_DIG_SHA224:
249 sha224_init(&ctx->ctx.sha224);
250 ctx->update = (update_func) x86_sha256_update;
251 ctx->digest = (digest_func) sha256_digest;
252 ctx->init = (init_func) sha224_init;
253 ctx->ctx_ptr = &ctx->ctx.sha224;
254 ctx->length = SHA224_DIGEST_SIZE;
256 case GNUTLS_DIG_SHA256:
257 sha256_init(&ctx->ctx.sha256);
258 ctx->update = (update_func) x86_sha256_update;
259 ctx->digest = (digest_func) sha256_digest;
260 ctx->init = (init_func) sha256_init;
261 ctx->ctx_ptr = &ctx->ctx.sha256;
262 ctx->length = SHA256_DIGEST_SIZE;
265 case GNUTLS_DIG_SHA384:
266 sha384_init(&ctx->ctx.sha384);
267 ctx->update = (update_func) x86_sha512_update;
268 ctx->digest = (digest_func) sha512_digest;
269 ctx->init = (init_func) sha384_init;
270 ctx->ctx_ptr = &ctx->ctx.sha384;
271 ctx->length = SHA384_DIGEST_SIZE;
273 case GNUTLS_DIG_SHA512:
274 sha512_init(&ctx->ctx.sha512);
275 ctx->update = (update_func) x86_sha512_update;
276 ctx->digest = (digest_func) sha512_digest;
277 ctx->init = (init_func) sha512_init;
278 ctx->ctx_ptr = &ctx->ctx.sha512;
279 ctx->length = SHA512_DIGEST_SIZE;
284 return GNUTLS_E_INVALID_REQUEST;
291 static int wrap_x86_hash_init(gnutls_digest_algorithm_t algo, void **_ctx)
293 struct x86_hash_ctx *ctx;
296 ctx = gnutls_malloc(sizeof(struct x86_hash_ctx));
299 return GNUTLS_E_MEMORY_ERROR;
304 if ((ret = _ctx_init(algo, ctx)) < 0) {
315 wrap_x86_hash_output(void *src_ctx, void *digest, size_t digestsize)
317 struct x86_hash_ctx *ctx;
320 if (digestsize < ctx->length)
321 return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
323 ctx->digest(ctx->ctx_ptr, digestsize, digest);
328 static int wrap_x86_hash_fast(gnutls_digest_algorithm_t algo,
329 const void *text, size_t text_size,
332 struct x86_hash_ctx ctx;
335 ret = _ctx_init(algo, &ctx);
337 return gnutls_assert_val(ret);
339 ctx.update(&ctx, text_size, text);
340 ctx.digest(&ctx, ctx.length, digest);
345 const struct nettle_hash x86_sha1 =
346 NN_HASH(sha1, x86_sha1_update, sha1_digest, SHA1);
347 const struct nettle_hash x86_sha224 =
348 NN_HASH(sha224, x86_sha256_update, sha224_digest, SHA224);
349 const struct nettle_hash x86_sha256 =
350 NN_HASH(sha256, x86_sha256_update, sha256_digest, SHA256);
353 const struct nettle_hash x86_sha384 =
354 NN_HASH(sha384, x86_sha512_update, sha384_digest, SHA384);
355 const struct nettle_hash x86_sha512 =
356 NN_HASH(sha512, x86_sha512_update, sha512_digest, SHA512);
359 const gnutls_crypto_digest_st sha_x86_struct = {
360 .init = wrap_x86_hash_init,
361 .hash = wrap_x86_hash_update,
362 .output = wrap_x86_hash_output,
363 .deinit = wrap_x86_hash_deinit,
364 .fast = wrap_x86_hash_fast,