/*
- * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
#include <openssl/opensslv.h>
#include "internal/cryptlib.h"
+#include "crypto/sha.h"
#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
# define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
#endif
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define U64(C) C##UI64
+#elif defined(__arch64__)
+# define U64(C) C##UL
+#else
+# define U64(C) C##ULL
+#endif
+
+int sha512_224_init(SHA512_CTX *c)
+{
+ c->h[0] = U64(0x8c3d37c819544da2);
+ c->h[1] = U64(0x73e1996689dcd4d6);
+ c->h[2] = U64(0x1dfab7ae32ff9c82);
+ c->h[3] = U64(0x679dd514582f9fcf);
+ c->h[4] = U64(0x0f6d2b697bd44da8);
+ c->h[5] = U64(0x77e36f7304c48942);
+ c->h[6] = U64(0x3f9d85a86a1d36c8);
+ c->h[7] = U64(0x1112e6ad91d692a1);
+
+ c->Nl = 0;
+ c->Nh = 0;
+ c->num = 0;
+ c->md_len = SHA224_DIGEST_LENGTH;
+ return 1;
+}
+
+int sha512_256_init(SHA512_CTX *c)
+{
+ c->h[0] = U64(0x22312194fc2bf72c);
+ c->h[1] = U64(0x9f555fa3c84c64c2);
+ c->h[2] = U64(0x2393b86b6f53b151);
+ c->h[3] = U64(0x963877195940eabd);
+ c->h[4] = U64(0x96283ee2a88effe3);
+ c->h[5] = U64(0xbe5e1e2553863992);
+ c->h[6] = U64(0x2b0199fc2c85b8aa);
+ c->h[7] = U64(0x0eb72ddc81c52ca2);
+
+ c->Nl = 0;
+ c->Nh = 0;
+ c->num = 0;
+ c->md_len = SHA256_DIGEST_LENGTH;
+ return 1;
+}
+
int SHA384_Init(SHA512_CTX *c)
{
c->h[0] = U64(0xcbbb9d5dc1059ed8);
switch (c->md_len) {
/* Let compiler decide if it's appropriate to unroll... */
+ case SHA224_DIGEST_LENGTH:
+ for (n = 0; n < SHA224_DIGEST_LENGTH / 8; n++) {
+ SHA_LONG64 t = c->h[n];
+
+ *(md++) = (unsigned char)(t >> 56);
+ *(md++) = (unsigned char)(t >> 48);
+ *(md++) = (unsigned char)(t >> 40);
+ *(md++) = (unsigned char)(t >> 32);
+ *(md++) = (unsigned char)(t >> 24);
+ *(md++) = (unsigned char)(t >> 16);
+ *(md++) = (unsigned char)(t >> 8);
+ *(md++) = (unsigned char)(t);
+ }
+ /*
+ * For 224 bits, there are four bytes left over that have to be
+ * processed separately.
+ */
+ {
+ SHA_LONG64 t = c->h[SHA224_DIGEST_LENGTH / 8];
+
+ *(md++) = (unsigned char)(t >> 56);
+ *(md++) = (unsigned char)(t >> 48);
+ *(md++) = (unsigned char)(t >> 40);
+ *(md++) = (unsigned char)(t >> 32);
+ }
+ break;
+ case SHA256_DIGEST_LENGTH:
+ for (n = 0; n < SHA256_DIGEST_LENGTH / 8; n++) {
+ SHA_LONG64 t = c->h[n];
+
+ *(md++) = (unsigned char)(t >> 56);
+ *(md++) = (unsigned char)(t >> 48);
+ *(md++) = (unsigned char)(t >> 40);
+ *(md++) = (unsigned char)(t >> 32);
+ *(md++) = (unsigned char)(t >> 24);
+ *(md++) = (unsigned char)(t >> 16);
+ *(md++) = (unsigned char)(t >> 8);
+ *(md++) = (unsigned char)(t);
+ }
+ break;
case SHA384_DIGEST_LENGTH:
for (n = 0; n < SHA384_DIGEST_LENGTH / 8; n++) {
SHA_LONG64 t = c->h[n];