Francois Berder / Crypto

This library implements some hash and cryptographic algorithms.

Dependents:   mBuinoBlinky PB_Emma_Ethernet SLOTrashHTTP Garagem ... more

This library implements the following algorithms :

  • RC4
  • AES (AES-128, AES-192, AES-256)
  • DES
  • Triple DES (EDE)
  • MD2
  • MD4
  • MD5
  • SHA-1
  • SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512)

The hash algorithms have been optimized for the mbed and you should get decent performance. However, I did not optimize the ciphers. Also, I did not test extensively these algorithms : it should work but you may find some bugs. Block ciphers support two modes : ECB and CBC.

Warning

If you are using SHA-384 or SHA-512, be aware that it produces large binary files and the compilation (using the online compiler) takes much longer to execute. It may happen that the compiler stops because it timed-out. In this case, just compile again and it should work.

Computing hash

You can compute the hash of some data in two different ways. The first one is the easiest, each hash algorithm has a static method that takes some data and compute the hash from it.

Computing hash using method 1

#include "Crypto.h"
#include "mbed.h"

static const char msg[] = "mbed is great !";

int main()
{
    uint8_t hash[16];
    MD2::computeHash(hash, (uint8_t*)msg, strlen(msg));
    printf("hash: ");
    for(int i = 0; i < 16; ++i)
        printf("%02x", hash[i]);
    printf("\n");
    
    return 0;
}

The second one is slightly slower (around 2-3% slower) but it allows you to compute the hash of some data in several steps (by calling update method). This is the method you should use if you need to compute the hash from a large source and you don't have enough memory to store it in a single buffer.

Computing hash using method 2

#include "Crypto.h"
#include "mbed.h"

static const char msg[] = "mbed is great !";

int main()
{
    uint8_t hash[16];
    MD2 h;
    h.update((uint8_t*)msg, strlen(msg));
    h.finalize(hash);
    printf("hash: ");
    for(int i = 0; i < 16; ++i)
        printf("%02x", hash[i]);
    printf("\n");
    
    return 0;
}

TODO

  • optimize ciphers
  • add doc

hash/SHA2_32.cpp@10:bc9c23aa3870, 2013-09-24 (annotated)

Committer:
feb11
Date:
Tue Sep 24 07:19:04 2013 +0000
Revision:
10:bc9c23aa3870
Parent:
7:2dbbdfb08123
Child:
13:ac8e23b98dae
implemented HMAC

Who changed what in which revision?

UserRevisionLine numberNew contents of line
feb11 0:7a1237bd2d13 1 #include "SHA2_32.h"
feb11 0:7a1237bd2d13 2 #include <string.h>
feb11 10:bc9c23aa3870 3
feb11 0:7a1237bd2d13 4
feb11 4:0da19393bd57 5
feb11 4:0da19393bd57 6 static const uint8_t MASK = 0x0F;
feb11 4:0da19393bd57 7 #define W(t) (w[(t)] = SSIG1(w[((t)+14)&MASK]) + w[((t)+9)&MASK] + SSIG0(w[((t)+1)&MASK]) + w[t])
feb11 0:7a1237bd2d13 8
feb11 3:85c6ee25cf3e 9 #define ROTL(W,N) (((W) << (N)) | ((W) >> (32-(N))))
feb11 10:bc9c23aa3870 10 #define ROTR(W,N) (__ror(W,N))
feb11 3:85c6ee25cf3e 11 #define CH(X,Y,Z) (((X) & (Y)) ^ ((~(X)) & (Z)))
feb11 3:85c6ee25cf3e 12 #define MAJ(X,Y,Z) (((X) & (Y)) ^ ((X) & (Z)) ^ ((Y) & (Z)))
feb11 3:85c6ee25cf3e 13 #define BSIG0(X) (ROTR(X,2) ^ ROTR(X,13) ^ ROTR(X,22))
feb11 3:85c6ee25cf3e 14 #define BSIG1(X) (ROTR(X,6) ^ ROTR(X,11) ^ ROTR(X,25))
feb11 3:85c6ee25cf3e 15 #define SSIG0(X) (ROTR((X),7) ^ ROTR((X),18) ^ ((X) >> 3))
feb11 3:85c6ee25cf3e 16 #define SSIG1(X) (ROTR((X),17) ^ ROTR((X),19) ^ ((X) >> 10))
feb11 4:0da19393bd57 17 #define R(A,B,C,D,E,F,G,H,T,K) T1 = H + BSIG1(E) + CH(E,F,G) + K + (w[T] = __rev(buffer2[T])); \
feb11 4:0da19393bd57 18 T2 = BSIG0(A) + MAJ(A,B,C); \
feb11 4:0da19393bd57 19 D += T1; \
feb11 4:0da19393bd57 20 H = T1 + T2;
feb11 4:0da19393bd57 21 #define R2(A,B,C,D,E,F,G,H,T,K) T1 = H + BSIG1(E) + CH(E,F,G) + K + W(T&MASK); \
feb11 3:85c6ee25cf3e 22 T2 = BSIG0(A) + MAJ(A,B,C); \
feb11 3:85c6ee25cf3e 23 D += T1; \
feb11 3:85c6ee25cf3e 24 H = T1 + T2;
feb11 3:85c6ee25cf3e 25
feb11 0:7a1237bd2d13 26 static const uint32_t H[] =
feb11 0:7a1237bd2d13 27 {
feb11 0:7a1237bd2d13 28 // SHA-224
feb11 0:7a1237bd2d13 29 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
feb11 0:7a1237bd2d13 30 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4,
feb11 0:7a1237bd2d13 31
feb11 0:7a1237bd2d13 32 // SHA-256
feb11 0:7a1237bd2d13 33 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
feb11 0:7a1237bd2d13 34 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
feb11 0:7a1237bd2d13 35 };
feb11 0:7a1237bd2d13 36
feb11 0:7a1237bd2d13 37 SHA2_32::SHA2_32(SHA_32_TYPE t):
feb11 0:7a1237bd2d13 38 type(t),
feb11 0:7a1237bd2d13 39 totalBufferLength(0),
feb11 0:7a1237bd2d13 40 bufferLength(0)
feb11 0:7a1237bd2d13 41 {
feb11 0:7a1237bd2d13 42 switch(type)
feb11 0:7a1237bd2d13 43 {
feb11 0:7a1237bd2d13 44 case SHA_224:
feb11 0:7a1237bd2d13 45 h0 = H[0];
feb11 0:7a1237bd2d13 46 h1 = H[1];
feb11 0:7a1237bd2d13 47 h2 = H[2];
feb11 0:7a1237bd2d13 48 h3 = H[3];
feb11 0:7a1237bd2d13 49 h4 = H[4];
feb11 0:7a1237bd2d13 50 h5 = H[5];
feb11 0:7a1237bd2d13 51 h6 = H[6];
feb11 0:7a1237bd2d13 52 h7 = H[7];
feb11 0:7a1237bd2d13 53 break;
feb11 0:7a1237bd2d13 54
feb11 0:7a1237bd2d13 55 case SHA_256:
feb11 0:7a1237bd2d13 56 h0 = H[8];
feb11 0:7a1237bd2d13 57 h1 = H[9];
feb11 0:7a1237bd2d13 58 h2 = H[10];
feb11 0:7a1237bd2d13 59 h3 = H[11];
feb11 0:7a1237bd2d13 60 h4 = H[12];
feb11 0:7a1237bd2d13 61 h5 = H[13];
feb11 0:7a1237bd2d13 62 h6 = H[14];
feb11 0:7a1237bd2d13 63 h7 = H[15];
feb11 0:7a1237bd2d13 64 break;
feb11 0:7a1237bd2d13 65 }
feb11 0:7a1237bd2d13 66 }
feb11 0:7a1237bd2d13 67
feb11 6:19aa835f2bbb 68 void SHA2_32::update(uint8_t *data, uint32_t length)
feb11 0:7a1237bd2d13 69 {
feb11 0:7a1237bd2d13 70 if(length < 64-bufferLength)
feb11 0:7a1237bd2d13 71 {
feb11 6:19aa835f2bbb 72 memcpy(&buffer[bufferLength], data, length);
feb11 0:7a1237bd2d13 73 bufferLength += length;
feb11 0:7a1237bd2d13 74 totalBufferLength += length;
feb11 0:7a1237bd2d13 75 return;
feb11 0:7a1237bd2d13 76 }
feb11 0:7a1237bd2d13 77 int offset = 64-bufferLength;
feb11 6:19aa835f2bbb 78 memcpy(&buffer[bufferLength], data, offset);
feb11 0:7a1237bd2d13 79 computeBlock(&h0,&h1,&h2,&h3,&h4,&h5,&h6,&h7,buffer);
feb11 0:7a1237bd2d13 80 while(length-offset > 64)
feb11 0:7a1237bd2d13 81 {
feb11 6:19aa835f2bbb 82 memcpy(buffer, &data[offset], 64);
feb11 0:7a1237bd2d13 83 computeBlock(&h0,&h1,&h2,&h3,&h4,&h5,&h6,&h7,buffer);
feb11 0:7a1237bd2d13 84 offset += 64;
feb11 0:7a1237bd2d13 85 }
feb11 0:7a1237bd2d13 86 if(offset > length)
feb11 0:7a1237bd2d13 87 offset -= 64;
feb11 0:7a1237bd2d13 88 bufferLength = length - offset;
feb11 6:19aa835f2bbb 89 memcpy(buffer, &data[offset], bufferLength);
feb11 0:7a1237bd2d13 90 totalBufferLength += length;
feb11 0:7a1237bd2d13 91 }
feb11 0:7a1237bd2d13 92
feb11 6:19aa835f2bbb 93 void SHA2_32::finalize(uint8_t *hash)
feb11 0:7a1237bd2d13 94 {
feb11 6:19aa835f2bbb 95 uint32_t *hash2 = (uint32_t*)hash;
feb11 0:7a1237bd2d13 96 uint16_t padding;
feb11 0:7a1237bd2d13 97 if(totalBufferLength % 64 < 56)
feb11 0:7a1237bd2d13 98 padding = 56 - (totalBufferLength % 64);
feb11 0:7a1237bd2d13 99 else
feb11 0:7a1237bd2d13 100 padding = 56 + (64 - (totalBufferLength % 64));
feb11 3:85c6ee25cf3e 101
feb11 3:85c6ee25cf3e 102 buffer[bufferLength++] = 0x80;
feb11 3:85c6ee25cf3e 103 padding--;
feb11 3:85c6ee25cf3e 104 if(padding+bufferLength == 56)
feb11 3:85c6ee25cf3e 105 memset(&buffer[bufferLength], 0, padding);
feb11 3:85c6ee25cf3e 106 else
feb11 3:85c6ee25cf3e 107 {
feb11 3:85c6ee25cf3e 108 memset(&buffer[bufferLength], 0, 64-bufferLength);
feb11 3:85c6ee25cf3e 109 computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
feb11 5:06cd9c8afa0b 110 memset(buffer, 0, 56);
feb11 3:85c6ee25cf3e 111 }
feb11 3:85c6ee25cf3e 112
feb11 3:85c6ee25cf3e 113 uint64_t lengthBit = totalBufferLength << 3;
feb11 0:7a1237bd2d13 114 uint32_t lengthBitLow = lengthBit;
feb11 0:7a1237bd2d13 115 uint32_t lengthBitHigh = lengthBit >> 32;
feb11 3:85c6ee25cf3e 116 lengthBitLow = __rev(lengthBitLow);
feb11 3:85c6ee25cf3e 117 lengthBitHigh = __rev(lengthBitHigh);
feb11 3:85c6ee25cf3e 118 memcpy(&buffer[60], &lengthBitLow, 4);
feb11 3:85c6ee25cf3e 119 memcpy(&buffer[56], &lengthBitHigh, 4);
feb11 3:85c6ee25cf3e 120 computeBlock(&h0, &h1, &h2, &h3, &h4, &h5, &h6, &h7, buffer);
feb11 0:7a1237bd2d13 121
feb11 6:19aa835f2bbb 122 hash2[0] = __rev(h0);
feb11 6:19aa835f2bbb 123 hash2[1] = __rev(h1);
feb11 6:19aa835f2bbb 124 hash2[2] = __rev(h2);
feb11 6:19aa835f2bbb 125 hash2[3] = __rev(h3);
feb11 6:19aa835f2bbb 126 hash2[4] = __rev(h4);
feb11 6:19aa835f2bbb 127 hash2[5] = __rev(h5);
feb11 6:19aa835f2bbb 128 hash2[6] = __rev(h6);
feb11 6:19aa835f2bbb 129
feb11 3:85c6ee25cf3e 130
feb11 0:7a1237bd2d13 131 if(type == SHA_256)
feb11 6:19aa835f2bbb 132 hash2[7] = __rev(h7);
feb11 0:7a1237bd2d13 133
feb11 0:7a1237bd2d13 134 // reset state
feb11 0:7a1237bd2d13 135 switch(type)
feb11 0:7a1237bd2d13 136 {
feb11 0:7a1237bd2d13 137 case SHA_224:
feb11 0:7a1237bd2d13 138 h0 = H[0];
feb11 0:7a1237bd2d13 139 h1 = H[1];
feb11 0:7a1237bd2d13 140 h2 = H[2];
feb11 0:7a1237bd2d13 141 h3 = H[3];
feb11 0:7a1237bd2d13 142 h4 = H[4];
feb11 0:7a1237bd2d13 143 h5 = H[5];
feb11 0:7a1237bd2d13 144 h6 = H[6];
feb11 0:7a1237bd2d13 145 h7 = H[7];
feb11 0:7a1237bd2d13 146 break;
feb11 0:7a1237bd2d13 147
feb11 0:7a1237bd2d13 148 case SHA_256:
feb11 0:7a1237bd2d13 149 h0 = H[8];
feb11 0:7a1237bd2d13 150 h1 = H[9];
feb11 0:7a1237bd2d13 151 h2 = H[10];
feb11 0:7a1237bd2d13 152 h3 = H[11];
feb11 0:7a1237bd2d13 153 h4 = H[12];
feb11 0:7a1237bd2d13 154 h5 = H[13];
feb11 0:7a1237bd2d13 155 h6 = H[14];
feb11 0:7a1237bd2d13 156 h7 = H[15];
feb11 0:7a1237bd2d13 157 break;
feb11 0:7a1237bd2d13 158 }
feb11 0:7a1237bd2d13 159 totalBufferLength = 0;
feb11 0:7a1237bd2d13 160 bufferLength = 0;
feb11 0:7a1237bd2d13 161 }
feb11 0:7a1237bd2d13 162
feb11 6:19aa835f2bbb 163 void SHA2_32::computeHash(SHA_32_TYPE type, uint8_t *hash, uint8_t *data, uint32_t length)
feb11 6:19aa835f2bbb 164 {
feb11 6:19aa835f2bbb 165 uint32_t *hash2 = (uint32_t*)hash;
feb11 10:bc9c23aa3870 166
feb11 10:bc9c23aa3870 167 uint32_t h[8];
feb11 10:bc9c23aa3870 168 h[0] = H[type*8];
feb11 10:bc9c23aa3870 169 h[1] = H[type*8+1];
feb11 10:bc9c23aa3870 170 h[2] = H[type*8+2];
feb11 10:bc9c23aa3870 171 h[3] = H[type*8+3];
feb11 10:bc9c23aa3870 172 h[4] = H[type*8+4];
feb11 10:bc9c23aa3870 173 h[5] = H[type*8+5];
feb11 10:bc9c23aa3870 174 h[6] = H[type*8+6];
feb11 10:bc9c23aa3870 175 h[7] = H[type*8+7];
feb11 10:bc9c23aa3870 176
feb11 6:19aa835f2bbb 177 uint64_t lengthBit = length << 3;
feb11 10:bc9c23aa3870 178 uint32_t padding;
feb11 6:19aa835f2bbb 179 if(length % 64 < 56)
feb11 6:19aa835f2bbb 180 padding = 56 - (length % 64);
feb11 6:19aa835f2bbb 181 else
feb11 6:19aa835f2bbb 182 padding = 56 + (64 - (length % 64));
feb11 6:19aa835f2bbb 183
feb11 6:19aa835f2bbb 184 while(length >= 64)
feb11 6:19aa835f2bbb 185 {
feb11 10:bc9c23aa3870 186 computeBlock(h, &h[1], &h[2], &h[3], &h[4], &h[5], &h[6], &h[7], data);
feb11 6:19aa835f2bbb 187 length -= 64;
feb11 6:19aa835f2bbb 188 data += 64;
feb11 6:19aa835f2bbb 189 }
feb11 6:19aa835f2bbb 190 uint8_t buffer[64];
feb11 6:19aa835f2bbb 191 memcpy(buffer, data,length);
feb11 6:19aa835f2bbb 192 buffer[length++] = 0x80;
feb11 6:19aa835f2bbb 193 padding--;
feb11 6:19aa835f2bbb 194 if(padding+length == 56)
feb11 6:19aa835f2bbb 195 memset(&buffer[length], 0, padding);
feb11 6:19aa835f2bbb 196 else
feb11 6:19aa835f2bbb 197 {
feb11 6:19aa835f2bbb 198 memset(&buffer[length], 0, 64-length);
feb11 10:bc9c23aa3870 199 computeBlock(h, &h[1], &h[2], &h[3], &h[4], &h[5], &h[6], &h[7], buffer);
feb11 6:19aa835f2bbb 200 memset(buffer, 0, 56);
feb11 6:19aa835f2bbb 201 }
feb11 6:19aa835f2bbb 202
feb11 6:19aa835f2bbb 203 uint32_t lengthBitLow = lengthBit;
feb11 6:19aa835f2bbb 204 uint32_t lengthBitHigh = lengthBit >> 32;
feb11 6:19aa835f2bbb 205 lengthBitLow = __rev(lengthBitLow);
feb11 6:19aa835f2bbb 206 memcpy(&buffer[60], &lengthBitLow, 4);
feb11 6:19aa835f2bbb 207 lengthBitHigh = __rev(lengthBitHigh);
feb11 6:19aa835f2bbb 208 memcpy(&buffer[56], &lengthBitHigh, 4);
feb11 10:bc9c23aa3870 209 computeBlock(h, &h[1], &h[2], &h[3], &h[4], &h[5], &h[6], &h[7], buffer);
feb11 6:19aa835f2bbb 210
feb11 10:bc9c23aa3870 211 hash2[0] = __rev(h[0]);
feb11 10:bc9c23aa3870 212 hash2[1] = __rev(h[1]);
feb11 10:bc9c23aa3870 213 hash2[2] = __rev(h[2]);
feb11 10:bc9c23aa3870 214 hash2[3] = __rev(h[3]);
feb11 10:bc9c23aa3870 215 hash2[4] = __rev(h[4]);
feb11 10:bc9c23aa3870 216 hash2[5] = __rev(h[5]);
feb11 10:bc9c23aa3870 217 hash2[6] = __rev(h[6]);
feb11 6:19aa835f2bbb 218
feb11 6:19aa835f2bbb 219
feb11 6:19aa835f2bbb 220 if(type == SHA_256)
feb11 10:bc9c23aa3870 221 hash2[7] = __rev(h[7]);
feb11 6:19aa835f2bbb 222 }
feb11 6:19aa835f2bbb 223
feb11 10:bc9c23aa3870 224 __forceinline void SHA2_32::computeBlock(uint32_t *h02,
feb11 0:7a1237bd2d13 225 uint32_t *h12,
feb11 0:7a1237bd2d13 226 uint32_t *h22,
feb11 0:7a1237bd2d13 227 uint32_t *h32,
feb11 0:7a1237bd2d13 228 uint32_t *h42,
feb11 0:7a1237bd2d13 229 uint32_t *h52,
feb11 0:7a1237bd2d13 230 uint32_t *h62,
feb11 0:7a1237bd2d13 231 uint32_t *h72,
feb11 0:7a1237bd2d13 232 uint8_t *buffer)
feb11 0:7a1237bd2d13 233 {
feb11 4:0da19393bd57 234 uint32_t w[16];
feb11 3:85c6ee25cf3e 235 uint32_t *buffer2 = (uint32_t*)buffer;
feb11 3:85c6ee25cf3e 236 uint32_t a = *h02, b = *h12, c = *h22, d = *h32, e = *h42, f = *h52, g = *h62, h = *h72;
feb11 3:85c6ee25cf3e 237 uint32_t T1, T2;
feb11 4:0da19393bd57 238
feb11 4:0da19393bd57 239 R(a,b,c,d,e,f,g,h,0,0x428a2f98)
feb11 4:0da19393bd57 240 R(h,a,b,c,d,e,f,g,1,0x71374491)
feb11 4:0da19393bd57 241 R(g,h,a,b,c,d,e,f,2,0xb5c0fbcf)
feb11 4:0da19393bd57 242 R(f,g,h,a,b,c,d,e,3,0xe9b5dba5)
feb11 4:0da19393bd57 243 R(e,f,g,h,a,b,c,d,4,0x3956c25b)
feb11 4:0da19393bd57 244 R(d,e,f,g,h,a,b,c,5,0x59f111f1)
feb11 4:0da19393bd57 245 R(c,d,e,f,g,h,a,b,6,0x923f82a4)
feb11 4:0da19393bd57 246 R(b,c,d,e,f,g,h,a,7,0xab1c5ed5)
feb11 3:85c6ee25cf3e 247
feb11 4:0da19393bd57 248 R(a,b,c,d,e,f,g,h,8,0xd807aa98)
feb11 4:0da19393bd57 249 R(h,a,b,c,d,e,f,g,9,0x12835b01)
feb11 4:0da19393bd57 250 R(g,h,a,b,c,d,e,f,10,0x243185be)
feb11 4:0da19393bd57 251 R(f,g,h,a,b,c,d,e,11,0x550c7dc3)
feb11 4:0da19393bd57 252 R(e,f,g,h,a,b,c,d,12,0x72be5d74)
feb11 4:0da19393bd57 253 R(d,e,f,g,h,a,b,c,13,0x80deb1fe)
feb11 4:0da19393bd57 254 R(c,d,e,f,g,h,a,b,14,0x9bdc06a7)
feb11 4:0da19393bd57 255 R(b,c,d,e,f,g,h,a,15,0xc19bf174)
feb11 4:0da19393bd57 256
feb11 4:0da19393bd57 257 R2(a,b,c,d,e,f,g,h,16,0xe49b69c1)
feb11 4:0da19393bd57 258 R2(h,a,b,c,d,e,f,g,17,0xefbe4786)
feb11 4:0da19393bd57 259 R2(g,h,a,b,c,d,e,f,18,0x0fc19dc6)
feb11 4:0da19393bd57 260 R2(f,g,h,a,b,c,d,e,19,0x240ca1cc)
feb11 4:0da19393bd57 261 R2(e,f,g,h,a,b,c,d,20,0x2de92c6f)
feb11 4:0da19393bd57 262 R2(d,e,f,g,h,a,b,c,21,0x4a7484aa)
feb11 4:0da19393bd57 263 R2(c,d,e,f,g,h,a,b,22,0x5cb0a9dc)
feb11 4:0da19393bd57 264 R2(b,c,d,e,f,g,h,a,23,0x76f988da)
feb11 3:85c6ee25cf3e 265
feb11 4:0da19393bd57 266 R2(a,b,c,d,e,f,g,h,24,0x983e5152)
feb11 4:0da19393bd57 267 R2(h,a,b,c,d,e,f,g,25,0xa831c66d)
feb11 4:0da19393bd57 268 R2(g,h,a,b,c,d,e,f,26,0xb00327c8)
feb11 4:0da19393bd57 269 R2(f,g,h,a,b,c,d,e,27,0xbf597fc7)
feb11 4:0da19393bd57 270 R2(e,f,g,h,a,b,c,d,28,0xc6e00bf3)
feb11 4:0da19393bd57 271 R2(d,e,f,g,h,a,b,c,29,0xd5a79147)
feb11 4:0da19393bd57 272 R2(c,d,e,f,g,h,a,b,30,0x06ca6351)
feb11 4:0da19393bd57 273 R2(b,c,d,e,f,g,h,a,31,0x14292967)
feb11 4:0da19393bd57 274
feb11 4:0da19393bd57 275 R2(a,b,c,d,e,f,g,h,32,0x27b70a85)
feb11 4:0da19393bd57 276 R2(h,a,b,c,d,e,f,g,33,0x2e1b2138)
feb11 4:0da19393bd57 277 R2(g,h,a,b,c,d,e,f,34,0x4d2c6dfc)
feb11 4:0da19393bd57 278 R2(f,g,h,a,b,c,d,e,35,0x53380d13)
feb11 4:0da19393bd57 279 R2(e,f,g,h,a,b,c,d,36,0x650a7354)
feb11 4:0da19393bd57 280 R2(d,e,f,g,h,a,b,c,37,0x766a0abb)
feb11 4:0da19393bd57 281 R2(c,d,e,f,g,h,a,b,38,0x81c2c92e)
feb11 4:0da19393bd57 282 R2(b,c,d,e,f,g,h,a,39,0x92722c85)
feb11 3:85c6ee25cf3e 283
feb11 4:0da19393bd57 284 R2(a,b,c,d,e,f,g,h,40,0xa2bfe8a1)
feb11 4:0da19393bd57 285 R2(h,a,b,c,d,e,f,g,41,0xa81a664b)
feb11 4:0da19393bd57 286 R2(g,h,a,b,c,d,e,f,42,0xc24b8b70)
feb11 4:0da19393bd57 287 R2(f,g,h,a,b,c,d,e,43,0xc76c51a3)
feb11 4:0da19393bd57 288 R2(e,f,g,h,a,b,c,d,44,0xd192e819)
feb11 4:0da19393bd57 289 R2(d,e,f,g,h,a,b,c,45,0xd6990624)
feb11 4:0da19393bd57 290 R2(c,d,e,f,g,h,a,b,46,0xf40e3585)
feb11 4:0da19393bd57 291 R2(b,c,d,e,f,g,h,a,47,0x106aa070)
feb11 3:85c6ee25cf3e 292
feb11 4:0da19393bd57 293 R2(a,b,c,d,e,f,g,h,48,0x19a4c116)
feb11 4:0da19393bd57 294 R2(h,a,b,c,d,e,f,g,49,0x1e376c08)
feb11 4:0da19393bd57 295 R2(g,h,a,b,c,d,e,f,50,0x2748774c)
feb11 4:0da19393bd57 296 R2(f,g,h,a,b,c,d,e,51,0x34b0bcb5)
feb11 4:0da19393bd57 297 R2(e,f,g,h,a,b,c,d,52,0x391c0cb3)
feb11 4:0da19393bd57 298 R2(d,e,f,g,h,a,b,c,53,0x4ed8aa4a)
feb11 4:0da19393bd57 299 R2(c,d,e,f,g,h,a,b,54,0x5b9cca4f)
feb11 4:0da19393bd57 300 R2(b,c,d,e,f,g,h,a,55,0x682e6ff3)
feb11 4:0da19393bd57 301
feb11 4:0da19393bd57 302 R2(a,b,c,d,e,f,g,h,56,0x748f82ee)
feb11 4:0da19393bd57 303 R2(h,a,b,c,d,e,f,g,57,0x78a5636f)
feb11 4:0da19393bd57 304 R2(g,h,a,b,c,d,e,f,58,0x84c87814)
feb11 4:0da19393bd57 305 R2(f,g,h,a,b,c,d,e,59,0x8cc70208)
feb11 4:0da19393bd57 306 R2(e,f,g,h,a,b,c,d,60,0x90befffa)
feb11 4:0da19393bd57 307 R2(d,e,f,g,h,a,b,c,61,0xa4506ceb)
feb11 4:0da19393bd57 308 R2(c,d,e,f,g,h,a,b,62,0xbef9a3f7)
feb11 4:0da19393bd57 309 R2(b,c,d,e,f,g,h,a,63,0xc67178f2)
feb11 3:85c6ee25cf3e 310
feb11 0:7a1237bd2d13 311
feb11 0:7a1237bd2d13 312 *h02 += a;
feb11 0:7a1237bd2d13 313 *h12 += b;
feb11 0:7a1237bd2d13 314 *h22 += c;
feb11 0:7a1237bd2d13 315 *h32 += d;
feb11 0:7a1237bd2d13 316 *h42 += e;
feb11 0:7a1237bd2d13 317 *h52 += f;
feb11 0:7a1237bd2d13 318 *h62 += g;
feb11 0:7a1237bd2d13 319 *h72 += h;
feb11 0:7a1237bd2d13 320 }
feb11 0:7a1237bd2d13 321