Francois Berder / Crypto

This library implements some hash and cryptographic algorithms.

Dependents:   mBuinoBlinky PB_Emma_Ethernet SLOTrashHTTP Garagem ... more

This library implements the following algorithms :

  • RC4
  • AES (AES-128, AES-192, AES-256)
  • DES
  • Triple DES (EDE)
  • MD2
  • MD4
  • MD5
  • SHA-1
  • SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512)

The hash algorithms have been optimized for the mbed and you should get decent performance. However, I did not optimize the ciphers. Also, I did not test extensively these algorithms : it should work but you may find some bugs. Block ciphers support two modes : ECB and CBC.

Warning

If you are using SHA-384 or SHA-512, be aware that it produces large binary files and the compilation (using the online compiler) takes much longer to execute. It may happen that the compiler stops because it timed-out. In this case, just compile again and it should work.

Computing hash

You can compute the hash of some data in two different ways. The first one is the easiest, each hash algorithm has a static method that takes some data and compute the hash from it.

Computing hash using method 1

#include "Crypto.h"
#include "mbed.h"

static const char msg[] = "mbed is great !";

int main()
{
    uint8_t hash[16];
    MD2::computeHash(hash, (uint8_t*)msg, strlen(msg));
    printf("hash: ");
    for(int i = 0; i < 16; ++i)
        printf("%02x", hash[i]);
    printf("\n");
    
    return 0;
}

The second one is slightly slower (around 2-3% slower) but it allows you to compute the hash of some data in several steps (by calling update method). This is the method you should use if you need to compute the hash from a large source and you don't have enough memory to store it in a single buffer.

Computing hash using method 2

#include "Crypto.h"
#include "mbed.h"

static const char msg[] = "mbed is great !";

int main()
{
    uint8_t hash[16];
    MD2 h;
    h.update((uint8_t*)msg, strlen(msg));
    h.finalize(hash);
    printf("hash: ");
    for(int i = 0; i < 16; ++i)
        printf("%02x", hash[i]);
    printf("\n");
    
    return 0;
}

TODO

  • optimize ciphers
  • add doc

SHA2_32.cpp@6:19aa835f2bbb, 2013-09-12 (annotated)

Committer:
feb11
Date:
Thu Sep 12 16:03:43 2013 +0000
Revision:
6:19aa835f2bbb
Parent:
5:06cd9c8afa0b 
change public API for hash + small improvements for hash + rearrange code

Who changed what in which revision?

UserRevisionLine numberNew contents of line
feb11 0:7a1237bd2d13 1 #include "SHA2_32.h"
feb11 0:7a1237bd2d13 2 #include <string.h>
feb11 0:7a1237bd2d13 3 #include <stdio.h>
feb11 0:7a1237bd2d13 4 #include <stdlib.h>
feb11 0:7a1237bd2d13 5
feb11 4:0da19393bd57 6
feb11 4:0da19393bd57 7 static const uint8_t MASK = 0x0F;
feb11 4:0da19393bd57 8 #define W(t) (w[(t)] = SSIG1(w[((t)+14)&MASK]) + w[((t)+9)&MASK] + SSIG0(w[((t)+1)&MASK]) + w[t])
feb11 0:7a1237bd2d13 9
feb11 3:85c6ee25cf3e 10 #define ROTL(W,N) (((W) << (N)) | ((W) >> (32-(N))))
feb11 3:85c6ee25cf3e 11 #define ROTR(W,N) (((W) >> (N)) | ((W) << (32-(N))))
feb11 3:85c6ee25cf3e 12 #define CH(X,Y,Z) (((X) & (Y)) ^ ((~(X)) & (Z)))
feb11 3:85c6ee25cf3e 13 #define MAJ(X,Y,Z) (((X) & (Y)) ^ ((X) & (Z)) ^ ((Y) & (Z)))
feb11 3:85c6ee25cf3e 14 #define BSIG0(X) (ROTR(X,2) ^ ROTR(X,13) ^ ROTR(X,22))
feb11 3:85c6ee25cf3e 15 #define BSIG1(X) (ROTR(X,6) ^ ROTR(X,11) ^ ROTR(X,25))
feb11 3:85c6ee25cf3e 16 #define SSIG0(X) (ROTR((X),7) ^ ROTR((X),18) ^ ((X) >> 3))
feb11 3:85c6ee25cf3e 17 #define SSIG1(X) (ROTR((X),17) ^ ROTR((X),19) ^ ((X) >> 10))
feb11 4:0da19393bd57 18 #define R(A,B,C,D,E,F,G,H,T,K) T1 = H + BSIG1(E) + CH(E,F,G) + K + (w[T] = __rev(buffer2[T])); \
feb11 4:0da19393bd57 19 T2 = BSIG0(A) + MAJ(A,B,C); \
feb11 4:0da19393bd57 20 D += T1; \
feb11 4:0da19393bd57 21 H = T1 + T2;
feb11 4:0da19393bd57 22 #define R2(A,B,C,D,E,F,G,H,T,K) T1 = H + BSIG1(E) + CH(E,F,G) + K + W(T&MASK); \
feb11 3:85c6ee25cf3e 23 T2 = BSIG0(A) + MAJ(A,B,C); \
feb11 3:85c6ee25cf3e 24 D += T1; \
feb11 3:85c6ee25cf3e 25 H = T1 + T2;
feb11 3:85c6ee25cf3e 26
feb11 0:7a1237bd2d13 27 static const uint32_t H[] =
feb11 0:7a1237bd2d13 28 {
feb11 0:7a1237bd2d13 29 // SHA-224
feb11 0:7a1237bd2d13 30 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
feb11 0:7a1237bd2d13 31 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4,
feb11 0:7a1237bd2d13 32
feb11 0:7a1237bd2d13 33 // SHA-256
feb11 0:7a1237bd2d13 34 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
feb11 0:7a1237bd2d13 35 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
feb11 0:7a1237bd2d13 36 };
feb11 0:7a1237bd2d13 37
feb11 0:7a1237bd2d13 38 SHA2_32::SHA2_32(SHA_32_TYPE t):
feb11 0:7a1237bd2d13 39 type(t),
feb11 0:7a1237bd2d13 40 totalBufferLength(0),
feb11 0:7a1237bd2d13 41 bufferLength(0)
feb11 0:7a1237bd2d13 42 {
feb11 0:7a1237bd2d13 43 switch(type)
feb11 0:7a1237bd2d13 44 {
feb11 0:7a1237bd2d13 45 case SHA_224:
feb11 0:7a1237bd2d13 46 h0 = H[0];
feb11 0:7a1237bd2d13 47 h1 = H[1];
feb11 0:7a1237bd2d13 48 h2 = H[2];
feb11 0:7a1237bd2d13 49 h3 = H[3];
feb11 0:7a1237bd2d13 50 h4 = H[4];
feb11 0:7a1237bd2d13 51 h5 = H[5];
feb11 0:7a1237bd2d13 52 h6 = H[6];
feb11 0:7a1237bd2d13 53 h7 = H[7];
feb11 0:7a1237bd2d13 54 break;
feb11 0:7a1237bd2d13 55
feb11 0:7a1237bd2d13 56 case SHA_256:
feb11 0:7a1237bd2d13 57 h0 = H[8];
feb11 0:7a1237bd2d13 58 h1 = H[9];
feb11 0:7a1237bd2d13 59 h2 = H[10];
feb11 0:7a1237bd2d13 60 h3 = H[11];
feb11 0:7a1237bd2d13 61 h4 = H[12];
feb11 0:7a1237bd2d13 62 h5 = H[13];
feb11 0:7a1237bd2d13 63 h6 = H[14];
feb11 0:7a1237bd2d13 64 h7 = H[15];
feb11 0:7a1237bd2d13 65 break;
feb11 0:7a1237bd2d13 66 }
feb11 0:7a1237bd2d13 67 }
feb11 0:7a1237bd2d13 68
feb11 6:19aa835f2bbb 69 void SHA2_32::update(uint8_t *data, uint32_t length)
feb11 0:7a1237bd2d13 70 {
feb11 0:7a1237bd2d13 71 if(length < 64-bufferLength)
feb11 0:7a1237bd2d13 72 {
feb11 6:19aa835f2bbb 73 memcpy(&buffer[bufferLength], data, length);
feb11 0:7a1237bd2d13 74 bufferLength += length;
feb11 0:7a1237bd2d13 75 totalBufferLength += length;
feb11 0:7a1237bd2d13 76 return;
feb11 0:7a1237bd2d13 77 }
feb11 0:7a1237bd2d13 78 int offset = 64-bufferLength;
feb11 6:19aa835f2bbb 79 memcpy(&buffer[bufferLength], data, offset);
feb11 0:7a1237bd2d13 80 computeBlock(&h0,&h1,&h2,&h3,&h4,&h5,&h6,&h7,buffer);
feb11 0:7a1237bd2d13 81 while(length-offset > 64)
feb11 0:7a1237bd2d13 82 {
feb11 6:19aa835f2bbb 83 memcpy(buffer, &data[offset], 64);
feb11 0:7a1237bd2d13 84 computeBlock(&h0,&h1,&h2,&h3,&h4,&h5,&h6,&h7,buffer);
feb11 0:7a1237bd2d13 85 offset += 64;
feb11 0:7a1237bd2d13 86 }
feb11 0:7a1237bd2d13 87 if(offset > length)
feb11 0:7a1237bd2d13 88 offset -= 64;
feb11 0:7a1237bd2d13 89 bufferLength = length - offset;
feb11 6:19aa835f2bbb 90 memcpy(buffer, &data[offset], bufferLength);
feb11 0:7a1237bd2d13 91 totalBufferLength += length;
feb11 0:7a1237bd2d13 92 }
feb11 0:7a1237bd2d13 93
feb11 6:19aa835f2bbb 94 void SHA2_32::finalize(uint8_t *hash)
feb11 0:7a1237bd2d13 95 {
feb11 6:19aa835f2bbb 96 uint32_t *hash2 = (uint32_t*)hash;
feb11 0:7a1237bd2d13 97 uint16_t padding;
feb11 0:7a1237bd2d13 98 if(totalBufferLength % 64 < 56)
feb11 0:7a1237bd2d13 99 padding = 56 - (totalBufferLength % 64);
feb11 0:7a1237bd2d13 100 else
feb11 0:7a1237bd2d13 101 padding = 56 + (64 - (totalBufferLength % 64));
feb11 3:85c6ee25cf3e 102
feb11 3:85c6ee25cf3e 103 buffer[bufferLength++] = 0x80;
feb11 3:85c6ee25cf3e 104 padding--;
feb11 3:85c6ee25cf3e 105 if(padding+bufferLength == 56)
feb11 3:85c6ee25cf3e 106 memset(&buffer[bufferLength], 0, padding);
feb11 3:85c6ee25cf3e 107 else
feb11 3:85c6ee25cf3e 108 {
feb11 3:85c6ee25cf3e 109 memset(&buffer[bufferLength], 0, 64-bufferLength);
feb11 3:85c6ee25cf3e 110 computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
feb11 5:06cd9c8afa0b 111 memset(buffer, 0, 56);
feb11 3:85c6ee25cf3e 112 }
feb11 3:85c6ee25cf3e 113
feb11 3:85c6ee25cf3e 114 uint64_t lengthBit = totalBufferLength << 3;
feb11 0:7a1237bd2d13 115 uint32_t lengthBitLow = lengthBit;
feb11 0:7a1237bd2d13 116 uint32_t lengthBitHigh = lengthBit >> 32;
feb11 3:85c6ee25cf3e 117 lengthBitLow = __rev(lengthBitLow);
feb11 3:85c6ee25cf3e 118 lengthBitHigh = __rev(lengthBitHigh);
feb11 3:85c6ee25cf3e 119 memcpy(&buffer[60], &lengthBitLow, 4);
feb11 3:85c6ee25cf3e 120 memcpy(&buffer[56], &lengthBitHigh, 4);
feb11 3:85c6ee25cf3e 121 computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
feb11 0:7a1237bd2d13 122
feb11 6:19aa835f2bbb 123 hash2[0] = __rev(h0);
feb11 6:19aa835f2bbb 124 hash2[1] = __rev(h1);
feb11 6:19aa835f2bbb 125 hash2[2] = __rev(h2);
feb11 6:19aa835f2bbb 126 hash2[3] = __rev(h3);
feb11 6:19aa835f2bbb 127 hash2[4] = __rev(h4);
feb11 6:19aa835f2bbb 128 hash2[5] = __rev(h5);
feb11 6:19aa835f2bbb 129 hash2[6] = __rev(h6);
feb11 6:19aa835f2bbb 130
feb11 3:85c6ee25cf3e 131
feb11 0:7a1237bd2d13 132 if(type == SHA_256)
feb11 6:19aa835f2bbb 133 hash2[7] = __rev(h7);
feb11 0:7a1237bd2d13 134
feb11 0:7a1237bd2d13 135 // reset state
feb11 0:7a1237bd2d13 136 switch(type)
feb11 0:7a1237bd2d13 137 {
feb11 0:7a1237bd2d13 138 case SHA_224:
feb11 0:7a1237bd2d13 139 h0 = H[0];
feb11 0:7a1237bd2d13 140 h1 = H[1];
feb11 0:7a1237bd2d13 141 h2 = H[2];
feb11 0:7a1237bd2d13 142 h3 = H[3];
feb11 0:7a1237bd2d13 143 h4 = H[4];
feb11 0:7a1237bd2d13 144 h5 = H[5];
feb11 0:7a1237bd2d13 145 h6 = H[6];
feb11 0:7a1237bd2d13 146 h7 = H[7];
feb11 0:7a1237bd2d13 147 break;
feb11 0:7a1237bd2d13 148
feb11 0:7a1237bd2d13 149 case SHA_256:
feb11 0:7a1237bd2d13 150 h0 = H[8];
feb11 0:7a1237bd2d13 151 h1 = H[9];
feb11 0:7a1237bd2d13 152 h2 = H[10];
feb11 0:7a1237bd2d13 153 h3 = H[11];
feb11 0:7a1237bd2d13 154 h4 = H[12];
feb11 0:7a1237bd2d13 155 h5 = H[13];
feb11 0:7a1237bd2d13 156 h6 = H[14];
feb11 0:7a1237bd2d13 157 h7 = H[15];
feb11 0:7a1237bd2d13 158 break;
feb11 0:7a1237bd2d13 159 }
feb11 0:7a1237bd2d13 160 totalBufferLength = 0;
feb11 0:7a1237bd2d13 161 bufferLength = 0;
feb11 0:7a1237bd2d13 162 }
feb11 0:7a1237bd2d13 163
feb11 6:19aa835f2bbb 164 void SHA2_32::computeHash(SHA_32_TYPE type, uint8_t *hash, uint8_t *data, uint32_t length)
feb11 6:19aa835f2bbb 165 {
feb11 6:19aa835f2bbb 166 uint32_t *hash2 = (uint32_t*)hash;
feb11 6:19aa835f2bbb 167 uint32_t h0 = H[type*8], h1 = H[type*8+1], h2 = H[type*8+2], h3 = H[type*8+3];
feb11 6:19aa835f2bbb 168 uint32_t h4 = H[type*8+4], h5 = H[type*8+5], h6 = H[type*8+6], h7 = H[type*8+7];
feb11 6:19aa835f2bbb 169 uint64_t lengthBit = length << 3;
feb11 6:19aa835f2bbb 170 uint16_t padding;
feb11 6:19aa835f2bbb 171 if(length % 64 < 56)
feb11 6:19aa835f2bbb 172 padding = 56 - (length % 64);
feb11 6:19aa835f2bbb 173 else
feb11 6:19aa835f2bbb 174 padding = 56 + (64 - (length % 64));
feb11 6:19aa835f2bbb 175
feb11 6:19aa835f2bbb 176 while(length >= 64)
feb11 6:19aa835f2bbb 177 {
feb11 6:19aa835f2bbb 178 computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, data);
feb11 6:19aa835f2bbb 179 length -= 64;
feb11 6:19aa835f2bbb 180 data += 64;
feb11 6:19aa835f2bbb 181 }
feb11 6:19aa835f2bbb 182 uint8_t buffer[64];
feb11 6:19aa835f2bbb 183 memcpy(buffer, data,length);
feb11 6:19aa835f2bbb 184 buffer[length++] = 0x80;
feb11 6:19aa835f2bbb 185 padding--;
feb11 6:19aa835f2bbb 186 if(padding+length == 56)
feb11 6:19aa835f2bbb 187 memset(&buffer[length], 0, padding);
feb11 6:19aa835f2bbb 188 else
feb11 6:19aa835f2bbb 189 {
feb11 6:19aa835f2bbb 190 memset(&buffer[length], 0, 64-length);
feb11 6:19aa835f2bbb 191 computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
feb11 6:19aa835f2bbb 192 memset(buffer, 0, 56);
feb11 6:19aa835f2bbb 193 }
feb11 6:19aa835f2bbb 194
feb11 6:19aa835f2bbb 195 uint32_t lengthBitLow = lengthBit;
feb11 6:19aa835f2bbb 196 uint32_t lengthBitHigh = lengthBit >> 32;
feb11 6:19aa835f2bbb 197 lengthBitLow = __rev(lengthBitLow);
feb11 6:19aa835f2bbb 198 memcpy(&buffer[60], &lengthBitLow, 4);
feb11 6:19aa835f2bbb 199 lengthBitHigh = __rev(lengthBitHigh);
feb11 6:19aa835f2bbb 200 memcpy(&buffer[56], &lengthBitHigh, 4);
feb11 6:19aa835f2bbb 201 computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
feb11 6:19aa835f2bbb 202
feb11 6:19aa835f2bbb 203 hash2[0] = __rev(h0);
feb11 6:19aa835f2bbb 204 hash2[1] = __rev(h1);
feb11 6:19aa835f2bbb 205 hash2[2] = __rev(h2);
feb11 6:19aa835f2bbb 206 hash2[3] = __rev(h3);
feb11 6:19aa835f2bbb 207 hash2[4] = __rev(h4);
feb11 6:19aa835f2bbb 208 hash2[5] = __rev(h5);
feb11 6:19aa835f2bbb 209 hash2[6] = __rev(h6);
feb11 6:19aa835f2bbb 210
feb11 6:19aa835f2bbb 211
feb11 6:19aa835f2bbb 212 if(type == SHA_256)
feb11 6:19aa835f2bbb 213 hash2[7] = __rev(h7);
feb11 6:19aa835f2bbb 214 }
feb11 6:19aa835f2bbb 215
feb11 0:7a1237bd2d13 216 void SHA2_32::computeBlock(uint32_t *h02,
feb11 0:7a1237bd2d13 217 uint32_t *h12,
feb11 0:7a1237bd2d13 218 uint32_t *h22,
feb11 0:7a1237bd2d13 219 uint32_t *h32,
feb11 0:7a1237bd2d13 220 uint32_t *h42,
feb11 0:7a1237bd2d13 221 uint32_t *h52,
feb11 0:7a1237bd2d13 222 uint32_t *h62,
feb11 0:7a1237bd2d13 223 uint32_t *h72,
feb11 0:7a1237bd2d13 224 uint8_t *buffer)
feb11 0:7a1237bd2d13 225 {
feb11 4:0da19393bd57 226 uint32_t w[16];
feb11 3:85c6ee25cf3e 227 uint32_t *buffer2 = (uint32_t*)buffer;
feb11 3:85c6ee25cf3e 228 uint32_t a = *h02, b = *h12, c = *h22, d = *h32, e = *h42, f = *h52, g = *h62, h = *h72;
feb11 3:85c6ee25cf3e 229 uint32_t T1, T2;
feb11 4:0da19393bd57 230
feb11 4:0da19393bd57 231
feb11 4:0da19393bd57 232 R(a,b,c,d,e,f,g,h,0,0x428a2f98)
feb11 4:0da19393bd57 233 R(h,a,b,c,d,e,f,g,1,0x71374491)
feb11 4:0da19393bd57 234 R(g,h,a,b,c,d,e,f,2,0xb5c0fbcf)
feb11 4:0da19393bd57 235 R(f,g,h,a,b,c,d,e,3,0xe9b5dba5)
feb11 4:0da19393bd57 236 R(e,f,g,h,a,b,c,d,4,0x3956c25b)
feb11 4:0da19393bd57 237 R(d,e,f,g,h,a,b,c,5,0x59f111f1)
feb11 4:0da19393bd57 238 R(c,d,e,f,g,h,a,b,6,0x923f82a4)
feb11 4:0da19393bd57 239 R(b,c,d,e,f,g,h,a,7,0xab1c5ed5)
feb11 3:85c6ee25cf3e 240
feb11 4:0da19393bd57 241 R(a,b,c,d,e,f,g,h,8,0xd807aa98)
feb11 4:0da19393bd57 242 R(h,a,b,c,d,e,f,g,9,0x12835b01)
feb11 4:0da19393bd57 243 R(g,h,a,b,c,d,e,f,10,0x243185be)
feb11 4:0da19393bd57 244 R(f,g,h,a,b,c,d,e,11,0x550c7dc3)
feb11 4:0da19393bd57 245 R(e,f,g,h,a,b,c,d,12,0x72be5d74)
feb11 4:0da19393bd57 246 R(d,e,f,g,h,a,b,c,13,0x80deb1fe)
feb11 4:0da19393bd57 247 R(c,d,e,f,g,h,a,b,14,0x9bdc06a7)
feb11 4:0da19393bd57 248 R(b,c,d,e,f,g,h,a,15,0xc19bf174)
feb11 4:0da19393bd57 249
feb11 4:0da19393bd57 250 R2(a,b,c,d,e,f,g,h,16,0xe49b69c1)
feb11 4:0da19393bd57 251 R2(h,a,b,c,d,e,f,g,17,0xefbe4786)
feb11 4:0da19393bd57 252 R2(g,h,a,b,c,d,e,f,18,0x0fc19dc6)
feb11 4:0da19393bd57 253 R2(f,g,h,a,b,c,d,e,19,0x240ca1cc)
feb11 4:0da19393bd57 254 R2(e,f,g,h,a,b,c,d,20,0x2de92c6f)
feb11 4:0da19393bd57 255 R2(d,e,f,g,h,a,b,c,21,0x4a7484aa)
feb11 4:0da19393bd57 256 R2(c,d,e,f,g,h,a,b,22,0x5cb0a9dc)
feb11 4:0da19393bd57 257 R2(b,c,d,e,f,g,h,a,23,0x76f988da)
feb11 3:85c6ee25cf3e 258
feb11 4:0da19393bd57 259 R2(a,b,c,d,e,f,g,h,24,0x983e5152)
feb11 4:0da19393bd57 260 R2(h,a,b,c,d,e,f,g,25,0xa831c66d)
feb11 4:0da19393bd57 261 R2(g,h,a,b,c,d,e,f,26,0xb00327c8)
feb11 4:0da19393bd57 262 R2(f,g,h,a,b,c,d,e,27,0xbf597fc7)
feb11 4:0da19393bd57 263 R2(e,f,g,h,a,b,c,d,28,0xc6e00bf3)
feb11 4:0da19393bd57 264 R2(d,e,f,g,h,a,b,c,29,0xd5a79147)
feb11 4:0da19393bd57 265 R2(c,d,e,f,g,h,a,b,30,0x06ca6351)
feb11 4:0da19393bd57 266 R2(b,c,d,e,f,g,h,a,31,0x14292967)
feb11 4:0da19393bd57 267
feb11 4:0da19393bd57 268 R2(a,b,c,d,e,f,g,h,32,0x27b70a85)
feb11 4:0da19393bd57 269 R2(h,a,b,c,d,e,f,g,33,0x2e1b2138)
feb11 4:0da19393bd57 270 R2(g,h,a,b,c,d,e,f,34,0x4d2c6dfc)
feb11 4:0da19393bd57 271 R2(f,g,h,a,b,c,d,e,35,0x53380d13)
feb11 4:0da19393bd57 272 R2(e,f,g,h,a,b,c,d,36,0x650a7354)
feb11 4:0da19393bd57 273 R2(d,e,f,g,h,a,b,c,37,0x766a0abb)
feb11 4:0da19393bd57 274 R2(c,d,e,f,g,h,a,b,38,0x81c2c92e)
feb11 4:0da19393bd57 275 R2(b,c,d,e,f,g,h,a,39,0x92722c85)
feb11 3:85c6ee25cf3e 276
feb11 4:0da19393bd57 277 R2(a,b,c,d,e,f,g,h,40,0xa2bfe8a1)
feb11 4:0da19393bd57 278 R2(h,a,b,c,d,e,f,g,41,0xa81a664b)
feb11 4:0da19393bd57 279 R2(g,h,a,b,c,d,e,f,42,0xc24b8b70)
feb11 4:0da19393bd57 280 R2(f,g,h,a,b,c,d,e,43,0xc76c51a3)
feb11 4:0da19393bd57 281 R2(e,f,g,h,a,b,c,d,44,0xd192e819)
feb11 4:0da19393bd57 282 R2(d,e,f,g,h,a,b,c,45,0xd6990624)
feb11 4:0da19393bd57 283 R2(c,d,e,f,g,h,a,b,46,0xf40e3585)
feb11 4:0da19393bd57 284 R2(b,c,d,e,f,g,h,a,47,0x106aa070)
feb11 3:85c6ee25cf3e 285
feb11 4:0da19393bd57 286 R2(a,b,c,d,e,f,g,h,48,0x19a4c116)
feb11 4:0da19393bd57 287 R2(h,a,b,c,d,e,f,g,49,0x1e376c08)
feb11 4:0da19393bd57 288 R2(g,h,a,b,c,d,e,f,50,0x2748774c)
feb11 4:0da19393bd57 289 R2(f,g,h,a,b,c,d,e,51,0x34b0bcb5)
feb11 4:0da19393bd57 290 R2(e,f,g,h,a,b,c,d,52,0x391c0cb3)
feb11 4:0da19393bd57 291 R2(d,e,f,g,h,a,b,c,53,0x4ed8aa4a)
feb11 4:0da19393bd57 292 R2(c,d,e,f,g,h,a,b,54,0x5b9cca4f)
feb11 4:0da19393bd57 293 R2(b,c,d,e,f,g,h,a,55,0x682e6ff3)
feb11 4:0da19393bd57 294
feb11 4:0da19393bd57 295 R2(a,b,c,d,e,f,g,h,56,0x748f82ee)
feb11 4:0da19393bd57 296 R2(h,a,b,c,d,e,f,g,57,0x78a5636f)
feb11 4:0da19393bd57 297 R2(g,h,a,b,c,d,e,f,58,0x84c87814)
feb11 4:0da19393bd57 298 R2(f,g,h,a,b,c,d,e,59,0x8cc70208)
feb11 4:0da19393bd57 299 R2(e,f,g,h,a,b,c,d,60,0x90befffa)
feb11 4:0da19393bd57 300 R2(d,e,f,g,h,a,b,c,61,0xa4506ceb)
feb11 4:0da19393bd57 301 R2(c,d,e,f,g,h,a,b,62,0xbef9a3f7)
feb11 4:0da19393bd57 302 R2(b,c,d,e,f,g,h,a,63,0xc67178f2)
feb11 3:85c6ee25cf3e 303
feb11 0:7a1237bd2d13 304
feb11 0:7a1237bd2d13 305 *h02 += a;
feb11 0:7a1237bd2d13 306 *h12 += b;
feb11 0:7a1237bd2d13 307 *h22 += c;
feb11 0:7a1237bd2d13 308 *h32 += d;
feb11 0:7a1237bd2d13 309 *h42 += e;
feb11 0:7a1237bd2d13 310 *h52 += f;
feb11 0:7a1237bd2d13 311 *h62 += g;
feb11 0:7a1237bd2d13 312 *h72 += h;
feb11 0:7a1237bd2d13 313 }
feb11 0:7a1237bd2d13 314