source: EcnlProtoTool/trunk/openssl-1.1.0e/crypto/include/internal/md32_common.h@ 331

Last change on this file since 331 was 331, checked in by coas-nagasima, 6 years ago

prototoolに関連するプロジェクトをnewlibからmuslを使うよう変更・更新
ntshellをnewlibの下位の実装から、muslのsyscallの実装に変更・更新
以下のOSSをアップデート
・mruby-1.3.0
・musl-1.1.18
・onigmo-6.1.3
・tcc-0.9.27
以下のOSSを追加
・openssl-1.1.0e
・curl-7.57.0
・zlib-1.2.11
以下のmrbgemsを追加
・iij/mruby-digest
・iij/mruby-env
・iij/mruby-errno
・iij/mruby-iijson
・iij/mruby-ipaddr
・iij/mruby-mock
・iij/mruby-require
・iij/mruby-tls-openssl
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-chdr
File size: 13.5 KB
Line 
1/*
2 * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/*-
11 * This is a generic 32 bit "collector" for message digest algorithms.
12 * Whenever needed it collects input character stream into chunks of
13 * 32 bit values and invokes a block function that performs actual hash
14 * calculations.
15 *
16 * Porting guide.
17 *
18 * Obligatory macros:
19 *
20 * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
21 * this macro defines byte order of input stream.
22 * HASH_CBLOCK
23 * size of a unit chunk HASH_BLOCK operates on.
24 * HASH_LONG
25 * has to be at lest 32 bit wide.
26 * HASH_CTX
27 * context structure that at least contains following
28 * members:
29 * typedef struct {
30 * ...
31 * HASH_LONG Nl,Nh;
32 * either {
33 * HASH_LONG data[HASH_LBLOCK];
34 * unsigned char data[HASH_CBLOCK];
35 * };
36 * unsigned int num;
37 * ...
38 * } HASH_CTX;
39 * data[] vector is expected to be zeroed upon first call to
40 * HASH_UPDATE.
41 * HASH_UPDATE
42 * name of "Update" function, implemented here.
43 * HASH_TRANSFORM
44 * name of "Transform" function, implemented here.
45 * HASH_FINAL
46 * name of "Final" function, implemented here.
47 * HASH_BLOCK_DATA_ORDER
48 * name of "block" function capable of treating *unaligned* input
49 * message in original (data) byte order, implemented externally.
50 * HASH_MAKE_STRING
51 * macro convering context variables to an ASCII hash string.
52 *
53 * MD5 example:
54 *
55 * #define DATA_ORDER_IS_LITTLE_ENDIAN
56 *
57 * #define HASH_LONG MD5_LONG
58 * #define HASH_CTX MD5_CTX
59 * #define HASH_CBLOCK MD5_CBLOCK
60 * #define HASH_UPDATE MD5_Update
61 * #define HASH_TRANSFORM MD5_Transform
62 * #define HASH_FINAL MD5_Final
63 * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
64 *
65 * <appro@fy.chalmers.se>
66 */
67
68#include <openssl/crypto.h>
69
70#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
71# error "DATA_ORDER must be defined!"
72#endif
73
74#ifndef HASH_CBLOCK
75# error "HASH_CBLOCK must be defined!"
76#endif
77#ifndef HASH_LONG
78# error "HASH_LONG must be defined!"
79#endif
80#ifndef HASH_CTX
81# error "HASH_CTX must be defined!"
82#endif
83
84#ifndef HASH_UPDATE
85# error "HASH_UPDATE must be defined!"
86#endif
87#ifndef HASH_TRANSFORM
88# error "HASH_TRANSFORM must be defined!"
89#endif
90#ifndef HASH_FINAL
91# error "HASH_FINAL must be defined!"
92#endif
93
94#ifndef HASH_BLOCK_DATA_ORDER
95# error "HASH_BLOCK_DATA_ORDER must be defined!"
96#endif
97
98/*
99 * Engage compiler specific rotate intrinsic function if available.
100 */
101#undef ROTATE
102#ifndef PEDANTIC
103# if defined(_MSC_VER)
104# define ROTATE(a,n) _lrotl(a,n)
105# elif defined(__ICC)
106# define ROTATE(a,n) _rotl(a,n)
107# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
108 /*
109 * Some GNU C inline assembler templates. Note that these are
110 * rotates by *constant* number of bits! But that's exactly
111 * what we need here...
112 * <appro@fy.chalmers.se>
113 */
114# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
115# define ROTATE(a,n) ({ register unsigned int ret; \
116 asm ( \
117 "roll %1,%0" \
118 : "=r"(ret) \
119 : "I"(n), "0"((unsigned int)(a)) \
120 : "cc"); \
121 ret; \
122 })
123# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
124 defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
125# define ROTATE(a,n) ({ register unsigned int ret; \
126 asm ( \
127 "rlwinm %0,%1,%2,0,31" \
128 : "=r"(ret) \
129 : "r"(a), "I"(n)); \
130 ret; \
131 })
132# elif defined(__s390x__)
133# define ROTATE(a,n) ({ register unsigned int ret; \
134 asm ("rll %0,%1,%2" \
135 : "=r"(ret) \
136 : "r"(a), "I"(n)); \
137 ret; \
138 })
139# endif
140# endif
141#endif /* PEDANTIC */
142
143#ifndef ROTATE
144# define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
145#endif
146
147#if defined(DATA_ORDER_IS_BIG_ENDIAN)
148
149# ifndef PEDANTIC
150# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
151# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
152 (defined(__x86_64) || defined(__x86_64__))
153# if !defined(B_ENDIAN)
154 /*
155 * This gives ~30-40% performance improvement in SHA-256 compiled
156 * with gcc [on P4]. Well, first macro to be frank. We can pull
157 * this trick on x86* platforms only, because these CPUs can fetch
158 * unaligned data without raising an exception.
159 */
160# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \
161 asm ("bswapl %0":"=r"(r):"0"(r)); \
162 (c)+=4; (l)=r; })
163# define HOST_l2c(l,c) ({ unsigned int r=(l); \
164 asm ("bswapl %0":"=r"(r):"0"(r)); \
165 *((unsigned int *)(c))=r; (c)+=4; r; })
166# endif
167# elif defined(__aarch64__)
168# if defined(__BYTE_ORDER__)
169# if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
170# define HOST_c2l(c,l) ({ unsigned int r; \
171 asm ("rev %w0,%w1" \
172 :"=r"(r) \
173 :"r"(*((const unsigned int *)(c))));\
174 (c)+=4; (l)=r; })
175# define HOST_l2c(l,c) ({ unsigned int r; \
176 asm ("rev %w0,%w1" \
177 :"=r"(r) \
178 :"r"((unsigned int)(l)));\
179 *((unsigned int *)(c))=r; (c)+=4; r; })
180# elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
181# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
182# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
183# endif
184# endif
185# endif
186# endif
187# if defined(__s390__) || defined(__s390x__)
188# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
189# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
190# endif
191# endif
192
193# ifndef HOST_c2l
194# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
195 l|=(((unsigned long)(*((c)++)))<<16), \
196 l|=(((unsigned long)(*((c)++)))<< 8), \
197 l|=(((unsigned long)(*((c)++))) ) )
198# endif
199# ifndef HOST_l2c
200# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
201 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
202 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
203 *((c)++)=(unsigned char)(((l) )&0xff), \
204 l)
205# endif
206
207#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
208
209# ifndef PEDANTIC
210# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
211# if defined(__s390x__)
212# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \
213 :"=d"(l) :"m"(*(const unsigned int *)(c)));\
214 (c)+=4; (l); })
215# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \
216 :"=m"(*(unsigned int *)(c)) :"d"(l));\
217 (c)+=4; (l); })
218# endif
219# endif
220# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
221# ifndef B_ENDIAN
222 /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
223# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
224# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l)
225# endif
226# endif
227# endif
228
229# ifndef HOST_c2l
230# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
231 l|=(((unsigned long)(*((c)++)))<< 8), \
232 l|=(((unsigned long)(*((c)++)))<<16), \
233 l|=(((unsigned long)(*((c)++)))<<24) )
234# endif
235# ifndef HOST_l2c
236# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
237 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
238 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
239 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
240 l)
241# endif
242
243#endif
244
245/*
246 * Time for some action:-)
247 */
248
249int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
250{
251 const unsigned char *data = data_;
252 unsigned char *p;
253 HASH_LONG l;
254 size_t n;
255
256 if (len == 0)
257 return 1;
258
259 l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
260 /*
261 * 95-05-24 eay Fixed a bug with the overflow handling, thanks to Wei Dai
262 * <weidai@eskimo.com> for pointing it out.
263 */
264 if (l < c->Nl) /* overflow */
265 c->Nh++;
266 c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
267 * 16-bit */
268 c->Nl = l;
269
270 n = c->num;
271 if (n != 0) {
272 p = (unsigned char *)c->data;
273
274 if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
275 memcpy(p + n, data, HASH_CBLOCK - n);
276 HASH_BLOCK_DATA_ORDER(c, p, 1);
277 n = HASH_CBLOCK - n;
278 data += n;
279 len -= n;
280 c->num = 0;
281 /*
282 * We use memset rather than OPENSSL_cleanse() here deliberately.
283 * Using OPENSSL_cleanse() here could be a performance issue. It
284 * will get properly cleansed on finalisation so this isn't a
285 * security problem.
286 */
287 memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
288 } else {
289 memcpy(p + n, data, len);
290 c->num += (unsigned int)len;
291 return 1;
292 }
293 }
294
295 n = len / HASH_CBLOCK;
296 if (n > 0) {
297 HASH_BLOCK_DATA_ORDER(c, data, n);
298 n *= HASH_CBLOCK;
299 data += n;
300 len -= n;
301 }
302
303 if (len != 0) {
304 p = (unsigned char *)c->data;
305 c->num = (unsigned int)len;
306 memcpy(p, data, len);
307 }
308 return 1;
309}
310
311void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
312{
313 HASH_BLOCK_DATA_ORDER(c, data, 1);
314}
315
316int HASH_FINAL(unsigned char *md, HASH_CTX *c)
317{
318 unsigned char *p = (unsigned char *)c->data;
319 size_t n = c->num;
320
321 p[n] = 0x80; /* there is always room for one */
322 n++;
323
324 if (n > (HASH_CBLOCK - 8)) {
325 memset(p + n, 0, HASH_CBLOCK - n);
326 n = 0;
327 HASH_BLOCK_DATA_ORDER(c, p, 1);
328 }
329 memset(p + n, 0, HASH_CBLOCK - 8 - n);
330
331 p += HASH_CBLOCK - 8;
332#if defined(DATA_ORDER_IS_BIG_ENDIAN)
333 (void)HOST_l2c(c->Nh, p);
334 (void)HOST_l2c(c->Nl, p);
335#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
336 (void)HOST_l2c(c->Nl, p);
337 (void)HOST_l2c(c->Nh, p);
338#endif
339 p -= HASH_CBLOCK;
340 HASH_BLOCK_DATA_ORDER(c, p, 1);
341 c->num = 0;
342 OPENSSL_cleanse(p, HASH_CBLOCK);
343
344#ifndef HASH_MAKE_STRING
345# error "HASH_MAKE_STRING must be defined!"
346#else
347 HASH_MAKE_STRING(c, md);
348#endif
349
350 return 1;
351}
352
353#ifndef MD32_REG_T
354# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
355# define MD32_REG_T long
356/*
357 * This comment was originally written for MD5, which is why it
358 * discusses A-D. But it basically applies to all 32-bit digests,
359 * which is why it was moved to common header file.
360 *
361 * In case you wonder why A-D are declared as long and not
362 * as MD5_LONG. Doing so results in slight performance
363 * boost on LP64 architectures. The catch is we don't
364 * really care if 32 MSBs of a 64-bit register get polluted
365 * with eventual overflows as we *save* only 32 LSBs in
366 * *either* case. Now declaring 'em long excuses the compiler
367 * from keeping 32 MSBs zeroed resulting in 13% performance
368 * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
369 * Well, to be honest it should say that this *prevents*
370 * performance degradation.
371 * <appro@fy.chalmers.se>
372 */
373# else
374/*
375 * Above is not absolute and there are LP64 compilers that
376 * generate better code if MD32_REG_T is defined int. The above
377 * pre-processor condition reflects the circumstances under which
378 * the conclusion was made and is subject to further extension.
379 * <appro@fy.chalmers.se>
380 */
381# define MD32_REG_T int
382# endif
383#endif
Note: See TracBrowser for help on using the repository browser.