Source of sha256_generic.c - linux-imx - PHYTEC BitBucket (Stash)

Raw file
Source viewDiff to previous
 
/*
 * Cryptographic API.
 *
 * SHA-256, as specified in
 * http://csrc.nist.gov/groups/STM/cavp/documents/shs/sha256-384-512.pdf
 *
 * SHA-256 code by Jean-Luc Cooke <jlcooke@certainkey.com>.
 *
 * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com>
 * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk>
 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
 * SHA224 Support Copyright 2007 Intel Corporation <jonathan.lynch@intel.com>
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the Free
 * Software Foundation; either version 2 of the License, or (at your option) 
 * any later version.
 *
 */
#include <crypto/internal/hash.h>
#include <linux/init.h>
#include <linux/module.h>
#include <linux/mm.h>
#include <linux/types.h>
#include <crypto/sha.h>
#include <crypto/sha256_base.h>
#include <asm/byteorder.h>
#include <asm/unaligned.h>
​
const u8 sha224_zero_message_hash[SHA224_DIGEST_SIZE] = {
    0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9, 0x47,
    0x61, 0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4, 0x15, 0xa2,
    0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4,
    0x2f
};
EXPORT_SYMBOL_GPL(sha224_zero_message_hash);
​
const u8 sha256_zero_message_hash[SHA256_DIGEST_SIZE] = {
    0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
    0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
    0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
    0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55
};
EXPORT_SYMBOL_GPL(sha256_zero_message_hash);
​
static inline u32 Ch(u32 x, u32 y, u32 z)
{
    return z ^ (x & (y ^ z));
}
​
static inline u32 Maj(u32 x, u32 y, u32 z)
{
    return (x & y) | (z & (x | y));
}
​
#define e0(x)       (ror32(x, 2) ^ ror32(x,13) ^ ror32(x,22))
#define e1(x)       (ror32(x, 6) ^ ror32(x,11) ^ ror32(x,25))
#define s0(x)       (ror32(x, 7) ^ ror32(x,18) ^ (x >> 3))
#define s1(x)       (ror32(x,17) ^ ror32(x,19) ^ (x >> 10))
​
static inline void LOAD_OP(int I, u32 *W, const u8 *input)
{
    W[I] = get_unaligned_be32((__u32 *)input + I);
}
​
static inline void BLEND_OP(int I, u32 *W)
{
    W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16];
}
​
static void sha256_transform(u32 *state, const u8 *input)
{
    u32 a, b, c, d, e, f, g, h, t1, t2;
    u32 W[64];
    int i;
​
    /* load the input */
    for (i = 0; i < 16; i++)
        LOAD_OP(i, W, input);
​
    /* now blend */
    for (i = 16; i < 64; i++)
        BLEND_OP(i, W);
​
    /* load the state into our registers */
    a=state[0];  b=state[1];  c=state[2];  d=state[3];
    e=state[4];  f=state[5];  g=state[6];  h=state[7];
​
    /* now iterate */
    t1 = h + e1(e) + Ch(e,f,g) + 0x428a2f98 + W[ 0];
    t2 = e0(a) + Maj(a,b,c);    d+=t1;    h=t1+t2;
    t1 = g + e1(d) + Ch(d,e,f) + 0x71374491 + W[ 1];