Fawwaz Nadzmy / mbed-STM

mbed library sources. Supersedes mbed-src.

Fork of mbed-dev by mbed official

targets/TARGET_NUVOTON/TARGET_NUC472/crypto/sha/sha1_alt_sw.c@149:156823d33999, 2016-10-28 (annotated)

Committer:
<>
Date:
Fri Oct 28 11:17:30 2016 +0100
Revision:
149:156823d33999
This updates the lib to the mbed lib v128



NOTE: This release includes a restructuring of the file and directory locations and thus some

include paths in your code may need updating accordingly.

Who changed what in which revision?

UserRevisionLine numberNew contents of line
<> 149:156823d33999 1 /*
<> 149:156823d33999 2 * FIPS-180-1 compliant SHA-1 implementation
<> 149:156823d33999 3 *
<> 149:156823d33999 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
<> 149:156823d33999 5 * SPDX-License-Identifier: Apache-2.0
<> 149:156823d33999 6 *
<> 149:156823d33999 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
<> 149:156823d33999 8 * not use this file except in compliance with the License.
<> 149:156823d33999 9 * You may obtain a copy of the License at
<> 149:156823d33999 10 *
<> 149:156823d33999 11 * http://www.apache.org/licenses/LICENSE-2.0
<> 149:156823d33999 12 *
<> 149:156823d33999 13 * Unless required by applicable law or agreed to in writing, software
<> 149:156823d33999 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
<> 149:156823d33999 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
<> 149:156823d33999 16 * See the License for the specific language governing permissions and
<> 149:156823d33999 17 * limitations under the License.
<> 149:156823d33999 18 *
<> 149:156823d33999 19 * This file is part of mbed TLS (https://tls.mbed.org)
<> 149:156823d33999 20 */
<> 149:156823d33999 21 /*
<> 149:156823d33999 22 * The SHA-1 standard was published by NIST in 1993.
<> 149:156823d33999 23 *
<> 149:156823d33999 24 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
<> 149:156823d33999 25 */
<> 149:156823d33999 26
<> 149:156823d33999 27 #if !defined(MBEDTLS_CONFIG_FILE)
<> 149:156823d33999 28 #include "mbedtls/config.h"
<> 149:156823d33999 29 #else
<> 149:156823d33999 30 #include MBEDTLS_CONFIG_FILE
<> 149:156823d33999 31 #endif
<> 149:156823d33999 32
<> 149:156823d33999 33 #if defined(MBEDTLS_SHA1_C)
<> 149:156823d33999 34 #if defined(MBEDTLS_SHA1_ALT)
<> 149:156823d33999 35
<> 149:156823d33999 36 #include "mbedtls/sha1.h"
<> 149:156823d33999 37
<> 149:156823d33999 38 #include <string.h>
<> 149:156823d33999 39
<> 149:156823d33999 40 /* Implementation that should never be optimized out by the compiler */
<> 149:156823d33999 41 static void mbedtls_zeroize( void *v, size_t n ) {
<> 149:156823d33999 42 volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
<> 149:156823d33999 43 }
<> 149:156823d33999 44
<> 149:156823d33999 45 /*
<> 149:156823d33999 46 * 32-bit integer manipulation macros (big endian)
<> 149:156823d33999 47 */
<> 149:156823d33999 48 #ifndef GET_UINT32_BE
<> 149:156823d33999 49 #define GET_UINT32_BE(n,b,i) \
<> 149:156823d33999 50 { \
<> 149:156823d33999 51 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
<> 149:156823d33999 52 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
<> 149:156823d33999 53 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
<> 149:156823d33999 54 | ( (uint32_t) (b)[(i) + 3] ); \
<> 149:156823d33999 55 }
<> 149:156823d33999 56 #endif
<> 149:156823d33999 57
<> 149:156823d33999 58 #ifndef PUT_UINT32_BE
<> 149:156823d33999 59 #define PUT_UINT32_BE(n,b,i) \
<> 149:156823d33999 60 { \
<> 149:156823d33999 61 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
<> 149:156823d33999 62 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
<> 149:156823d33999 63 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
<> 149:156823d33999 64 (b)[(i) + 3] = (unsigned char) ( (n) ); \
<> 149:156823d33999 65 }
<> 149:156823d33999 66 #endif
<> 149:156823d33999 67
<> 149:156823d33999 68 void mbedtls_sha1_sw_init( mbedtls_sha1_sw_context *ctx )
<> 149:156823d33999 69 {
<> 149:156823d33999 70 memset( ctx, 0, sizeof( mbedtls_sha1_sw_context ) );
<> 149:156823d33999 71 }
<> 149:156823d33999 72
<> 149:156823d33999 73 void mbedtls_sha1_sw_free( mbedtls_sha1_sw_context *ctx )
<> 149:156823d33999 74 {
<> 149:156823d33999 75 if( ctx == NULL )
<> 149:156823d33999 76 return;
<> 149:156823d33999 77
<> 149:156823d33999 78 mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_sw_context ) );
<> 149:156823d33999 79 }
<> 149:156823d33999 80
<> 149:156823d33999 81 void mbedtls_sha1_sw_clone( mbedtls_sha1_sw_context *dst,
<> 149:156823d33999 82 const mbedtls_sha1_sw_context *src )
<> 149:156823d33999 83 {
<> 149:156823d33999 84 *dst = *src;
<> 149:156823d33999 85 }
<> 149:156823d33999 86
<> 149:156823d33999 87 /*
<> 149:156823d33999 88 * SHA-1 context setup
<> 149:156823d33999 89 */
<> 149:156823d33999 90 void mbedtls_sha1_sw_starts( mbedtls_sha1_sw_context *ctx )
<> 149:156823d33999 91 {
<> 149:156823d33999 92 ctx->total[0] = 0;
<> 149:156823d33999 93 ctx->total[1] = 0;
<> 149:156823d33999 94
<> 149:156823d33999 95 ctx->state[0] = 0x67452301;
<> 149:156823d33999 96 ctx->state[1] = 0xEFCDAB89;
<> 149:156823d33999 97 ctx->state[2] = 0x98BADCFE;
<> 149:156823d33999 98 ctx->state[3] = 0x10325476;
<> 149:156823d33999 99 ctx->state[4] = 0xC3D2E1F0;
<> 149:156823d33999 100 }
<> 149:156823d33999 101
<> 149:156823d33999 102 void mbedtls_sha1_sw_process( mbedtls_sha1_sw_context *ctx, const unsigned char data[64] )
<> 149:156823d33999 103 {
<> 149:156823d33999 104 uint32_t temp, W[16], A, B, C, D, E;
<> 149:156823d33999 105
<> 149:156823d33999 106 GET_UINT32_BE( W[ 0], data, 0 );
<> 149:156823d33999 107 GET_UINT32_BE( W[ 1], data, 4 );
<> 149:156823d33999 108 GET_UINT32_BE( W[ 2], data, 8 );
<> 149:156823d33999 109 GET_UINT32_BE( W[ 3], data, 12 );
<> 149:156823d33999 110 GET_UINT32_BE( W[ 4], data, 16 );
<> 149:156823d33999 111 GET_UINT32_BE( W[ 5], data, 20 );
<> 149:156823d33999 112 GET_UINT32_BE( W[ 6], data, 24 );
<> 149:156823d33999 113 GET_UINT32_BE( W[ 7], data, 28 );
<> 149:156823d33999 114 GET_UINT32_BE( W[ 8], data, 32 );
<> 149:156823d33999 115 GET_UINT32_BE( W[ 9], data, 36 );
<> 149:156823d33999 116 GET_UINT32_BE( W[10], data, 40 );
<> 149:156823d33999 117 GET_UINT32_BE( W[11], data, 44 );
<> 149:156823d33999 118 GET_UINT32_BE( W[12], data, 48 );
<> 149:156823d33999 119 GET_UINT32_BE( W[13], data, 52 );
<> 149:156823d33999 120 GET_UINT32_BE( W[14], data, 56 );
<> 149:156823d33999 121 GET_UINT32_BE( W[15], data, 60 );
<> 149:156823d33999 122
<> 149:156823d33999 123 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
<> 149:156823d33999 124
<> 149:156823d33999 125 #define R(t) \
<> 149:156823d33999 126 ( \
<> 149:156823d33999 127 temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
<> 149:156823d33999 128 W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
<> 149:156823d33999 129 ( W[t & 0x0F] = S(temp,1) ) \
<> 149:156823d33999 130 )
<> 149:156823d33999 131
<> 149:156823d33999 132 #define P(a,b,c,d,e,x) \
<> 149:156823d33999 133 { \
<> 149:156823d33999 134 e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
<> 149:156823d33999 135 }
<> 149:156823d33999 136
<> 149:156823d33999 137 A = ctx->state[0];
<> 149:156823d33999 138 B = ctx->state[1];
<> 149:156823d33999 139 C = ctx->state[2];
<> 149:156823d33999 140 D = ctx->state[3];
<> 149:156823d33999 141 E = ctx->state[4];
<> 149:156823d33999 142
<> 149:156823d33999 143 #define F(x,y,z) (z ^ (x & (y ^ z)))
<> 149:156823d33999 144 #define K 0x5A827999
<> 149:156823d33999 145
<> 149:156823d33999 146 P( A, B, C, D, E, W[0] );
<> 149:156823d33999 147 P( E, A, B, C, D, W[1] );
<> 149:156823d33999 148 P( D, E, A, B, C, W[2] );
<> 149:156823d33999 149 P( C, D, E, A, B, W[3] );
<> 149:156823d33999 150 P( B, C, D, E, A, W[4] );
<> 149:156823d33999 151 P( A, B, C, D, E, W[5] );
<> 149:156823d33999 152 P( E, A, B, C, D, W[6] );
<> 149:156823d33999 153 P( D, E, A, B, C, W[7] );
<> 149:156823d33999 154 P( C, D, E, A, B, W[8] );
<> 149:156823d33999 155 P( B, C, D, E, A, W[9] );
<> 149:156823d33999 156 P( A, B, C, D, E, W[10] );
<> 149:156823d33999 157 P( E, A, B, C, D, W[11] );
<> 149:156823d33999 158 P( D, E, A, B, C, W[12] );
<> 149:156823d33999 159 P( C, D, E, A, B, W[13] );
<> 149:156823d33999 160 P( B, C, D, E, A, W[14] );
<> 149:156823d33999 161 P( A, B, C, D, E, W[15] );
<> 149:156823d33999 162 P( E, A, B, C, D, R(16) );
<> 149:156823d33999 163 P( D, E, A, B, C, R(17) );
<> 149:156823d33999 164 P( C, D, E, A, B, R(18) );
<> 149:156823d33999 165 P( B, C, D, E, A, R(19) );
<> 149:156823d33999 166
<> 149:156823d33999 167 #undef K
<> 149:156823d33999 168 #undef F
<> 149:156823d33999 169
<> 149:156823d33999 170 #define F(x,y,z) (x ^ y ^ z)
<> 149:156823d33999 171 #define K 0x6ED9EBA1
<> 149:156823d33999 172
<> 149:156823d33999 173 P( A, B, C, D, E, R(20) );
<> 149:156823d33999 174 P( E, A, B, C, D, R(21) );
<> 149:156823d33999 175 P( D, E, A, B, C, R(22) );
<> 149:156823d33999 176 P( C, D, E, A, B, R(23) );
<> 149:156823d33999 177 P( B, C, D, E, A, R(24) );
<> 149:156823d33999 178 P( A, B, C, D, E, R(25) );
<> 149:156823d33999 179 P( E, A, B, C, D, R(26) );
<> 149:156823d33999 180 P( D, E, A, B, C, R(27) );
<> 149:156823d33999 181 P( C, D, E, A, B, R(28) );
<> 149:156823d33999 182 P( B, C, D, E, A, R(29) );
<> 149:156823d33999 183 P( A, B, C, D, E, R(30) );
<> 149:156823d33999 184 P( E, A, B, C, D, R(31) );
<> 149:156823d33999 185 P( D, E, A, B, C, R(32) );
<> 149:156823d33999 186 P( C, D, E, A, B, R(33) );
<> 149:156823d33999 187 P( B, C, D, E, A, R(34) );
<> 149:156823d33999 188 P( A, B, C, D, E, R(35) );
<> 149:156823d33999 189 P( E, A, B, C, D, R(36) );
<> 149:156823d33999 190 P( D, E, A, B, C, R(37) );
<> 149:156823d33999 191 P( C, D, E, A, B, R(38) );
<> 149:156823d33999 192 P( B, C, D, E, A, R(39) );
<> 149:156823d33999 193
<> 149:156823d33999 194 #undef K
<> 149:156823d33999 195 #undef F
<> 149:156823d33999 196
<> 149:156823d33999 197 #define F(x,y,z) ((x & y) | (z & (x | y)))
<> 149:156823d33999 198 #define K 0x8F1BBCDC
<> 149:156823d33999 199
<> 149:156823d33999 200 P( A, B, C, D, E, R(40) );
<> 149:156823d33999 201 P( E, A, B, C, D, R(41) );
<> 149:156823d33999 202 P( D, E, A, B, C, R(42) );
<> 149:156823d33999 203 P( C, D, E, A, B, R(43) );
<> 149:156823d33999 204 P( B, C, D, E, A, R(44) );
<> 149:156823d33999 205 P( A, B, C, D, E, R(45) );
<> 149:156823d33999 206 P( E, A, B, C, D, R(46) );
<> 149:156823d33999 207 P( D, E, A, B, C, R(47) );
<> 149:156823d33999 208 P( C, D, E, A, B, R(48) );
<> 149:156823d33999 209 P( B, C, D, E, A, R(49) );
<> 149:156823d33999 210 P( A, B, C, D, E, R(50) );
<> 149:156823d33999 211 P( E, A, B, C, D, R(51) );
<> 149:156823d33999 212 P( D, E, A, B, C, R(52) );
<> 149:156823d33999 213 P( C, D, E, A, B, R(53) );
<> 149:156823d33999 214 P( B, C, D, E, A, R(54) );
<> 149:156823d33999 215 P( A, B, C, D, E, R(55) );
<> 149:156823d33999 216 P( E, A, B, C, D, R(56) );
<> 149:156823d33999 217 P( D, E, A, B, C, R(57) );
<> 149:156823d33999 218 P( C, D, E, A, B, R(58) );
<> 149:156823d33999 219 P( B, C, D, E, A, R(59) );
<> 149:156823d33999 220
<> 149:156823d33999 221 #undef K
<> 149:156823d33999 222 #undef F
<> 149:156823d33999 223
<> 149:156823d33999 224 #define F(x,y,z) (x ^ y ^ z)
<> 149:156823d33999 225 #define K 0xCA62C1D6
<> 149:156823d33999 226
<> 149:156823d33999 227 P( A, B, C, D, E, R(60) );
<> 149:156823d33999 228 P( E, A, B, C, D, R(61) );
<> 149:156823d33999 229 P( D, E, A, B, C, R(62) );
<> 149:156823d33999 230 P( C, D, E, A, B, R(63) );
<> 149:156823d33999 231 P( B, C, D, E, A, R(64) );
<> 149:156823d33999 232 P( A, B, C, D, E, R(65) );
<> 149:156823d33999 233 P( E, A, B, C, D, R(66) );
<> 149:156823d33999 234 P( D, E, A, B, C, R(67) );
<> 149:156823d33999 235 P( C, D, E, A, B, R(68) );
<> 149:156823d33999 236 P( B, C, D, E, A, R(69) );
<> 149:156823d33999 237 P( A, B, C, D, E, R(70) );
<> 149:156823d33999 238 P( E, A, B, C, D, R(71) );
<> 149:156823d33999 239 P( D, E, A, B, C, R(72) );
<> 149:156823d33999 240 P( C, D, E, A, B, R(73) );
<> 149:156823d33999 241 P( B, C, D, E, A, R(74) );
<> 149:156823d33999 242 P( A, B, C, D, E, R(75) );
<> 149:156823d33999 243 P( E, A, B, C, D, R(76) );
<> 149:156823d33999 244 P( D, E, A, B, C, R(77) );
<> 149:156823d33999 245 P( C, D, E, A, B, R(78) );
<> 149:156823d33999 246 P( B, C, D, E, A, R(79) );
<> 149:156823d33999 247
<> 149:156823d33999 248 #undef K
<> 149:156823d33999 249 #undef F
<> 149:156823d33999 250
<> 149:156823d33999 251 ctx->state[0] += A;
<> 149:156823d33999 252 ctx->state[1] += B;
<> 149:156823d33999 253 ctx->state[2] += C;
<> 149:156823d33999 254 ctx->state[3] += D;
<> 149:156823d33999 255 ctx->state[4] += E;
<> 149:156823d33999 256 }
<> 149:156823d33999 257
<> 149:156823d33999 258 /*
<> 149:156823d33999 259 * SHA-1 process buffer
<> 149:156823d33999 260 */
<> 149:156823d33999 261 void mbedtls_sha1_sw_update( mbedtls_sha1_sw_context *ctx, const unsigned char *input, size_t ilen )
<> 149:156823d33999 262 {
<> 149:156823d33999 263 size_t fill;
<> 149:156823d33999 264 uint32_t left;
<> 149:156823d33999 265
<> 149:156823d33999 266 if( ilen == 0 )
<> 149:156823d33999 267 return;
<> 149:156823d33999 268
<> 149:156823d33999 269 left = ctx->total[0] & 0x3F;
<> 149:156823d33999 270 fill = 64 - left;
<> 149:156823d33999 271
<> 149:156823d33999 272 ctx->total[0] += (uint32_t) ilen;
<> 149:156823d33999 273 ctx->total[0] &= 0xFFFFFFFF;
<> 149:156823d33999 274
<> 149:156823d33999 275 if( ctx->total[0] < (uint32_t) ilen )
<> 149:156823d33999 276 ctx->total[1]++;
<> 149:156823d33999 277
<> 149:156823d33999 278 if( left && ilen >= fill )
<> 149:156823d33999 279 {
<> 149:156823d33999 280 memcpy( (void *) (ctx->buffer + left), input, fill );
<> 149:156823d33999 281 mbedtls_sha1_sw_process( ctx, ctx->buffer );
<> 149:156823d33999 282 input += fill;
<> 149:156823d33999 283 ilen -= fill;
<> 149:156823d33999 284 left = 0;
<> 149:156823d33999 285 }
<> 149:156823d33999 286
<> 149:156823d33999 287 while( ilen >= 64 )
<> 149:156823d33999 288 {
<> 149:156823d33999 289 mbedtls_sha1_sw_process( ctx, input );
<> 149:156823d33999 290 input += 64;
<> 149:156823d33999 291 ilen -= 64;
<> 149:156823d33999 292 }
<> 149:156823d33999 293
<> 149:156823d33999 294 if( ilen > 0 )
<> 149:156823d33999 295 memcpy( (void *) (ctx->buffer + left), input, ilen );
<> 149:156823d33999 296 }
<> 149:156823d33999 297
<> 149:156823d33999 298 static const unsigned char sha1_padding[64] =
<> 149:156823d33999 299 {
<> 149:156823d33999 300 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
<> 149:156823d33999 301 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
<> 149:156823d33999 302 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
<> 149:156823d33999 303 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
<> 149:156823d33999 304 };
<> 149:156823d33999 305
<> 149:156823d33999 306 /*
<> 149:156823d33999 307 * SHA-1 final digest
<> 149:156823d33999 308 */
<> 149:156823d33999 309 void mbedtls_sha1_sw_finish( mbedtls_sha1_sw_context *ctx, unsigned char output[20] )
<> 149:156823d33999 310 {
<> 149:156823d33999 311 uint32_t last, padn;
<> 149:156823d33999 312 uint32_t high, low;
<> 149:156823d33999 313 unsigned char msglen[8];
<> 149:156823d33999 314
<> 149:156823d33999 315 high = ( ctx->total[0] >> 29 )
<> 149:156823d33999 316 | ( ctx->total[1] << 3 );
<> 149:156823d33999 317 low = ( ctx->total[0] << 3 );
<> 149:156823d33999 318
<> 149:156823d33999 319 PUT_UINT32_BE( high, msglen, 0 );
<> 149:156823d33999 320 PUT_UINT32_BE( low, msglen, 4 );
<> 149:156823d33999 321
<> 149:156823d33999 322 last = ctx->total[0] & 0x3F;
<> 149:156823d33999 323 padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
<> 149:156823d33999 324
<> 149:156823d33999 325 mbedtls_sha1_sw_update( ctx, sha1_padding, padn );
<> 149:156823d33999 326 mbedtls_sha1_sw_update( ctx, msglen, 8 );
<> 149:156823d33999 327
<> 149:156823d33999 328 PUT_UINT32_BE( ctx->state[0], output, 0 );
<> 149:156823d33999 329 PUT_UINT32_BE( ctx->state[1], output, 4 );
<> 149:156823d33999 330 PUT_UINT32_BE( ctx->state[2], output, 8 );
<> 149:156823d33999 331 PUT_UINT32_BE( ctx->state[3], output, 12 );
<> 149:156823d33999 332 PUT_UINT32_BE( ctx->state[4], output, 16 );
<> 149:156823d33999 333 }
<> 149:156823d33999 334
<> 149:156823d33999 335 #endif /* MBEDTLS_SHA1_ALT */
<> 149:156823d33999 336
<> 149:156823d33999 337 #endif /* MBEDTLS_SHA1_C */