summaryrefslogtreecommitdiff
path: root/nacl/crypto_hashblocks/sha256/ref/blocks.c
diff options
context:
space:
mode:
Diffstat (limited to 'nacl/crypto_hashblocks/sha256/ref/blocks.c')
-rw-r--r--nacl/crypto_hashblocks/sha256/ref/blocks.c212
1 files changed, 212 insertions, 0 deletions
diff --git a/nacl/crypto_hashblocks/sha256/ref/blocks.c b/nacl/crypto_hashblocks/sha256/ref/blocks.c
new file mode 100644
index 00000000..ad977945
--- /dev/null
+++ b/nacl/crypto_hashblocks/sha256/ref/blocks.c
@@ -0,0 +1,212 @@
1#include "crypto_hashblocks.h"
2
3typedef unsigned int uint32;
4
5static uint32 load_bigendian(const unsigned char *x)
6{
7 return
8 (uint32) (x[3]) \
9 | (((uint32) (x[2])) << 8) \
10 | (((uint32) (x[1])) << 16) \
11 | (((uint32) (x[0])) << 24)
12 ;
13}
14
15static void store_bigendian(unsigned char *x,uint32 u)
16{
17 x[3] = u; u >>= 8;
18 x[2] = u; u >>= 8;
19 x[1] = u; u >>= 8;
20 x[0] = u;
21}
22
23#define SHR(x,c) ((x) >> (c))
24#define ROTR(x,c) (((x) >> (c)) | ((x) << (32 - (c))))
25
26#define Ch(x,y,z) ((x & y) ^ (~x & z))
27#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
28#define Sigma0(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
29#define Sigma1(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
30#define sigma0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
31#define sigma1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
32
33#define M(w0,w14,w9,w1) w0 = sigma1(w14) + w9 + sigma0(w1) + w0;
34
35#define EXPAND \
36 M(w0 ,w14,w9 ,w1 ) \
37 M(w1 ,w15,w10,w2 ) \
38 M(w2 ,w0 ,w11,w3 ) \
39 M(w3 ,w1 ,w12,w4 ) \
40 M(w4 ,w2 ,w13,w5 ) \
41 M(w5 ,w3 ,w14,w6 ) \
42 M(w6 ,w4 ,w15,w7 ) \
43 M(w7 ,w5 ,w0 ,w8 ) \
44 M(w8 ,w6 ,w1 ,w9 ) \
45 M(w9 ,w7 ,w2 ,w10) \
46 M(w10,w8 ,w3 ,w11) \
47 M(w11,w9 ,w4 ,w12) \
48 M(w12,w10,w5 ,w13) \
49 M(w13,w11,w6 ,w14) \
50 M(w14,w12,w7 ,w15) \
51 M(w15,w13,w8 ,w0 )
52
53#define F(w,k) \
54 T1 = h + Sigma1(e) + Ch(e,f,g) + k + w; \
55 T2 = Sigma0(a) + Maj(a,b,c); \
56 h = g; \
57 g = f; \
58 f = e; \
59 e = d + T1; \
60 d = c; \
61 c = b; \
62 b = a; \
63 a = T1 + T2;
64
65int crypto_hashblocks(unsigned char *statebytes,const unsigned char *in,unsigned long long inlen)
66{
67 uint32 state[8];
68 uint32 a;
69 uint32 b;
70 uint32 c;
71 uint32 d;
72 uint32 e;
73 uint32 f;
74 uint32 g;
75 uint32 h;
76 uint32 T1;
77 uint32 T2;
78
79 a = load_bigendian(statebytes + 0); state[0] = a;
80 b = load_bigendian(statebytes + 4); state[1] = b;
81 c = load_bigendian(statebytes + 8); state[2] = c;
82 d = load_bigendian(statebytes + 12); state[3] = d;
83 e = load_bigendian(statebytes + 16); state[4] = e;
84 f = load_bigendian(statebytes + 20); state[5] = f;
85 g = load_bigendian(statebytes + 24); state[6] = g;
86 h = load_bigendian(statebytes + 28); state[7] = h;
87
88 while (inlen >= 64) {
89 uint32 w0 = load_bigendian(in + 0);
90 uint32 w1 = load_bigendian(in + 4);
91 uint32 w2 = load_bigendian(in + 8);
92 uint32 w3 = load_bigendian(in + 12);
93 uint32 w4 = load_bigendian(in + 16);
94 uint32 w5 = load_bigendian(in + 20);
95 uint32 w6 = load_bigendian(in + 24);
96 uint32 w7 = load_bigendian(in + 28);
97 uint32 w8 = load_bigendian(in + 32);
98 uint32 w9 = load_bigendian(in + 36);
99 uint32 w10 = load_bigendian(in + 40);
100 uint32 w11 = load_bigendian(in + 44);
101 uint32 w12 = load_bigendian(in + 48);
102 uint32 w13 = load_bigendian(in + 52);
103 uint32 w14 = load_bigendian(in + 56);
104 uint32 w15 = load_bigendian(in + 60);
105
106 F(w0 ,0x428a2f98)
107 F(w1 ,0x71374491)
108 F(w2 ,0xb5c0fbcf)
109 F(w3 ,0xe9b5dba5)
110 F(w4 ,0x3956c25b)
111 F(w5 ,0x59f111f1)
112 F(w6 ,0x923f82a4)
113 F(w7 ,0xab1c5ed5)
114 F(w8 ,0xd807aa98)
115 F(w9 ,0x12835b01)
116 F(w10,0x243185be)
117 F(w11,0x550c7dc3)
118 F(w12,0x72be5d74)
119 F(w13,0x80deb1fe)
120 F(w14,0x9bdc06a7)
121 F(w15,0xc19bf174)
122
123 EXPAND
124
125 F(w0 ,0xe49b69c1)
126 F(w1 ,0xefbe4786)
127 F(w2 ,0x0fc19dc6)
128 F(w3 ,0x240ca1cc)
129 F(w4 ,0x2de92c6f)
130 F(w5 ,0x4a7484aa)
131 F(w6 ,0x5cb0a9dc)
132 F(w7 ,0x76f988da)
133 F(w8 ,0x983e5152)
134 F(w9 ,0xa831c66d)
135 F(w10,0xb00327c8)
136 F(w11,0xbf597fc7)
137 F(w12,0xc6e00bf3)
138 F(w13,0xd5a79147)
139 F(w14,0x06ca6351)
140 F(w15,0x14292967)
141
142 EXPAND
143
144 F(w0 ,0x27b70a85)
145 F(w1 ,0x2e1b2138)
146 F(w2 ,0x4d2c6dfc)
147 F(w3 ,0x53380d13)
148 F(w4 ,0x650a7354)
149 F(w5 ,0x766a0abb)
150 F(w6 ,0x81c2c92e)
151 F(w7 ,0x92722c85)
152 F(w8 ,0xa2bfe8a1)
153 F(w9 ,0xa81a664b)
154 F(w10,0xc24b8b70)
155 F(w11,0xc76c51a3)
156 F(w12,0xd192e819)
157 F(w13,0xd6990624)
158 F(w14,0xf40e3585)
159 F(w15,0x106aa070)
160
161 EXPAND
162
163 F(w0 ,0x19a4c116)
164 F(w1 ,0x1e376c08)
165 F(w2 ,0x2748774c)
166 F(w3 ,0x34b0bcb5)
167 F(w4 ,0x391c0cb3)
168 F(w5 ,0x4ed8aa4a)
169 F(w6 ,0x5b9cca4f)
170 F(w7 ,0x682e6ff3)
171 F(w8 ,0x748f82ee)
172 F(w9 ,0x78a5636f)
173 F(w10,0x84c87814)
174 F(w11,0x8cc70208)
175 F(w12,0x90befffa)
176 F(w13,0xa4506ceb)
177 F(w14,0xbef9a3f7)
178 F(w15,0xc67178f2)
179
180 a += state[0];
181 b += state[1];
182 c += state[2];
183 d += state[3];
184 e += state[4];
185 f += state[5];
186 g += state[6];
187 h += state[7];
188
189 state[0] = a;
190 state[1] = b;
191 state[2] = c;
192 state[3] = d;
193 state[4] = e;
194 state[5] = f;
195 state[6] = g;
196 state[7] = h;
197
198 in += 64;
199 inlen -= 64;
200 }
201
202 store_bigendian(statebytes + 0,state[0]);
203 store_bigendian(statebytes + 4,state[1]);
204 store_bigendian(statebytes + 8,state[2]);
205 store_bigendian(statebytes + 12,state[3]);
206 store_bigendian(statebytes + 16,state[4]);
207 store_bigendian(statebytes + 20,state[5]);
208 store_bigendian(statebytes + 24,state[6]);
209 store_bigendian(statebytes + 28,state[7]);
210
211 return 0;
212}