1 /* ====================================================================
2 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * [email protected].
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ==================================================================== */
48
49 #ifndef OPENSSL_HEADER_DIGEST_MD32_COMMON_H
50 #define OPENSSL_HEADER_DIGEST_MD32_COMMON_H
51
52 #include <openssl/base.h>
53
54 #include <assert.h>
55
56 #include "../../internal.h"
57
58 #if defined(__cplusplus)
59 extern "C" {
60 #endif
61
62
63 // This is a generic 32-bit "collector" for message digest algorithms. It
64 // collects input character stream into chunks of 32-bit values and invokes the
65 // block function that performs the actual hash calculations.
66 //
67 // To make use of this mechanism, the hash context should be defined with the
68 // following parameters.
69 //
70 // typedef struct <name>_state_st {
71 // uint32_t h[<chaining length> / sizeof(uint32_t)];
72 // uint32_t Nl, Nh;
73 // uint8_t data[<block size>];
74 // unsigned num;
75 // ...
76 // } <NAME>_CTX;
77 //
78 // <chaining length> is the output length of the hash in bytes, before
79 // any truncation (e.g. 64 for SHA-224 and SHA-256, 128 for SHA-384 and
80 // SHA-512).
81 //
82 // |h| is the hash state and is updated by a function of type
83 // |crypto_md32_block_func|. |data| is the partial unprocessed block and has
84 // |num| bytes. |Nl| and |Nh| maintain the number of bits processed so far.
85
86 // A crypto_md32_block_func should incorporate |num_blocks| of input from |data|
87 // into |state|. It is assumed the caller has sized |state| and |data| for the
88 // hash function.
89 typedef void (*crypto_md32_block_func)(uint32_t *state, const uint8_t *data,
90 size_t num_blocks);
91
92 // crypto_md32_update adds |len| bytes from |in| to the digest. |data| must be a
93 // buffer of length |block_size| with the first |*num| bytes containing a
94 // partial block. This function combines the partial block with |in| and
95 // incorporates any complete blocks into the digest state |h|. It then updates
96 // |data| and |*num| with the new partial block and updates |*Nh| and |*Nl| with
97 // the data consumed.
crypto_md32_update(crypto_md32_block_func block_func,uint32_t * h,uint8_t * data,size_t block_size,unsigned * num,uint32_t * Nh,uint32_t * Nl,const uint8_t * in,size_t len)98 static inline void crypto_md32_update(crypto_md32_block_func block_func,
99 uint32_t *h, uint8_t *data,
100 size_t block_size, unsigned *num,
101 uint32_t *Nh, uint32_t *Nl,
102 const uint8_t *in, size_t len) {
103 if (len == 0) {
104 return;
105 }
106
107 uint32_t l = *Nl + (((uint32_t)len) << 3);
108 if (l < *Nl) {
109 // Handle carries.
110 (*Nh)++;
111 }
112 *Nh += (uint32_t)(len >> 29);
113 *Nl = l;
114
115 size_t n = *num;
116 if (n != 0) {
117 if (len >= block_size || len + n >= block_size) {
118 OPENSSL_memcpy(data + n, in, block_size - n);
119 block_func(h, data, 1);
120 n = block_size - n;
121 in += n;
122 len -= n;
123 *num = 0;
124 // Keep |data| zeroed when unused.
125 OPENSSL_memset(data, 0, block_size);
126 } else {
127 OPENSSL_memcpy(data + n, in, len);
128 *num += (unsigned)len;
129 return;
130 }
131 }
132
133 n = len / block_size;
134 if (n > 0) {
135 block_func(h, in, n);
136 n *= block_size;
137 in += n;
138 len -= n;
139 }
140
141 if (len != 0) {
142 *num = (unsigned)len;
143 OPENSSL_memcpy(data, in, len);
144 }
145 }
146
147 // crypto_md32_final incorporates the partial block and trailing length into the
148 // digest state |h|. The trailing length is encoded in little-endian if
149 // |is_big_endian| is zero and big-endian otherwise. |data| must be a buffer of
150 // length |block_size| with the first |*num| bytes containing a partial block.
151 // |Nh| and |Nl| contain the total number of bits processed. On return, this
152 // function clears the partial block in |data| and
153 // |*num|.
154 //
155 // This function does not serialize |h| into a final digest. This is the
156 // responsibility of the caller.
crypto_md32_final(crypto_md32_block_func block_func,uint32_t * h,uint8_t * data,size_t block_size,unsigned * num,uint32_t Nh,uint32_t Nl,int is_big_endian)157 static inline void crypto_md32_final(crypto_md32_block_func block_func,
158 uint32_t *h, uint8_t *data,
159 size_t block_size, unsigned *num,
160 uint32_t Nh, uint32_t Nl,
161 int is_big_endian) {
162 // |data| always has room for at least one byte. A full block would have
163 // been consumed.
164 size_t n = *num;
165 assert(n < block_size);
166 data[n] = 0x80;
167 n++;
168
169 // Fill the block with zeros if there isn't room for a 64-bit length.
170 if (n > block_size - 8) {
171 OPENSSL_memset(data + n, 0, block_size - n);
172 n = 0;
173 block_func(h, data, 1);
174 }
175 OPENSSL_memset(data + n, 0, block_size - 8 - n);
176
177 // Append a 64-bit length to the block and process it.
178 if (is_big_endian) {
179 CRYPTO_store_u32_be(data + block_size - 8, Nh);
180 CRYPTO_store_u32_be(data + block_size - 4, Nl);
181 } else {
182 CRYPTO_store_u32_le(data + block_size - 8, Nl);
183 CRYPTO_store_u32_le(data + block_size - 4, Nh);
184 }
185 block_func(h, data, 1);
186 *num = 0;
187 OPENSSL_memset(data, 0, block_size);
188 }
189
190
191 #if defined(__cplusplus)
192 } // extern C
193 #endif
194
195 #endif // OPENSSL_HEADER_DIGEST_MD32_COMMON_H
196