Lines Matching +full:0 +full:- +full:6
1 /* SHA-256 and SHA-512 implementation based on code by Oliver Gay
2 * <olivier.gay@a3.epfl.ch> under a BSD-style license. See below.
6 * FIPS 180-2 SHA-224/256/384/512 implementation
43 ctx->crypto_ctx.algo = CRYPTO_SHA256; in avb_sha256_init()
44 ctx->crypto_ctx.length = ctx->tot_len; in avb_sha256_init()
45 memset(ctx->buf, 0, sizeof(ctx->buf)); in avb_sha256_init()
47 ctx->crypto_dev = crypto_get_device(ctx->crypto_ctx.algo); in avb_sha256_init()
48 if (!ctx->crypto_dev) in avb_sha256_init()
51 crypto_sha_init(ctx->crypto_dev, &ctx->crypto_ctx); in avb_sha256_init()
55 if (ctx->crypto_dev) in avb_sha256_update()
56 crypto_sha_update(ctx->crypto_dev, (u32 *)data, len); in avb_sha256_update()
60 if (ctx->crypto_dev) in avb_sha256_final()
61 crypto_sha_final(ctx->crypto_dev, &ctx->crypto_ctx, ctx->buf); in avb_sha256_final()
63 return ctx->buf; in avb_sha256_final()
67 #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
68 #define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n)))
73 #define SHA256_F2(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
82 *((str) + 0) = (uint8_t)((x) >> 24); \
88 *((str) + 6) = (uint8_t)((uint64_t)x >> 8); \
94 *((str) + 0) = (uint8_t)((uint64_t)x >> 56); \
101 ((uint32_t) * ((str) + 0) << 24); \
107 { w[i] = SHA256_F4(w[i - 2]) + w[i - 7] + SHA256_F3(w[i - 15]) + w[i - 16]; }
118 static const uint32_t sha256_h0[8] = {0x6a09e667,
119 0xbb67ae85,
120 0x3c6ef372,
121 0xa54ff53a,
122 0x510e527f,
123 0x9b05688c,
124 0x1f83d9ab,
125 0x5be0cd19};
128 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
129 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
130 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
131 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
132 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
133 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
134 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
135 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
136 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
137 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
138 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2};
140 /* SHA-256 implementation */
144 for (i = 0; i < 8; i++) { in avb_sha256_init()
145 ctx->h[i] = sha256_h0[i]; in avb_sha256_init()
148 ctx->h[0] = sha256_h0[0]; in avb_sha256_init()
149 ctx->h[1] = sha256_h0[1]; in avb_sha256_init()
150 ctx->h[2] = sha256_h0[2]; in avb_sha256_init()
151 ctx->h[3] = sha256_h0[3]; in avb_sha256_init()
152 ctx->h[4] = sha256_h0[4]; in avb_sha256_init()
153 ctx->h[5] = sha256_h0[5]; in avb_sha256_init()
154 ctx->h[6] = sha256_h0[6]; in avb_sha256_init()
155 ctx->h[7] = sha256_h0[7]; in avb_sha256_init()
158 ctx->len = 0; in avb_sha256_init()
159 ctx->tot_len = 0; in avb_sha256_init()
175 for (i = 0; i < block_nb; i++) { in SHA256_transform()
176 sub_block = message + (i << 6); in SHA256_transform()
179 for (j = 0; j < 16; j++) { in SHA256_transform()
187 for (j = 0; j < 8; j++) { in SHA256_transform()
188 wv[j] = ctx->h[j]; in SHA256_transform()
191 for (j = 0; j < 64; j++) { in SHA256_transform()
192 t1 = wv[7] + SHA256_F2(wv[4]) + CH(wv[4], wv[5], wv[6]) + sha256_k[j] + in SHA256_transform()
194 t2 = SHA256_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]); in SHA256_transform()
195 wv[7] = wv[6]; in SHA256_transform()
196 wv[6] = wv[5]; in SHA256_transform()
201 wv[1] = wv[0]; in SHA256_transform()
202 wv[0] = t1 + t2; in SHA256_transform()
205 for (j = 0; j < 8; j++) { in SHA256_transform()
206 ctx->h[j] += wv[j]; in SHA256_transform()
209 PACK32(&sub_block[0], &w[0]); in SHA256_transform()
215 PACK32(&sub_block[24], &w[6]); in SHA256_transform()
275 wv[0] = ctx->h[0]; in SHA256_transform()
276 wv[1] = ctx->h[1]; in SHA256_transform()
277 wv[2] = ctx->h[2]; in SHA256_transform()
278 wv[3] = ctx->h[3]; in SHA256_transform()
279 wv[4] = ctx->h[4]; in SHA256_transform()
280 wv[5] = ctx->h[5]; in SHA256_transform()
281 wv[6] = ctx->h[6]; in SHA256_transform()
282 wv[7] = ctx->h[7]; in SHA256_transform()
284 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 0); in SHA256_transform()
285 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 1); in SHA256_transform()
286 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 2); in SHA256_transform()
287 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 3); in SHA256_transform()
288 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 4); in SHA256_transform()
289 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 5); in SHA256_transform()
290 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 6); in SHA256_transform()
291 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 7); in SHA256_transform()
292 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 8); in SHA256_transform()
293 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 9); in SHA256_transform()
294 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 10); in SHA256_transform()
295 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 11); in SHA256_transform()
296 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 12); in SHA256_transform()
297 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 13); in SHA256_transform()
298 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 14); in SHA256_transform()
299 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 15); in SHA256_transform()
300 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 16); in SHA256_transform()
301 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 17); in SHA256_transform()
302 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 18); in SHA256_transform()
303 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 19); in SHA256_transform()
304 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 20); in SHA256_transform()
305 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 21); in SHA256_transform()
306 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 22); in SHA256_transform()
307 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 23); in SHA256_transform()
308 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 24); in SHA256_transform()
309 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 25); in SHA256_transform()
310 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 26); in SHA256_transform()
311 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 27); in SHA256_transform()
312 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 28); in SHA256_transform()
313 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 29); in SHA256_transform()
314 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 30); in SHA256_transform()
315 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 31); in SHA256_transform()
316 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 32); in SHA256_transform()
317 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 33); in SHA256_transform()
318 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 34); in SHA256_transform()
319 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 35); in SHA256_transform()
320 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 36); in SHA256_transform()
321 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 37); in SHA256_transform()
322 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 38); in SHA256_transform()
323 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 39); in SHA256_transform()
324 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 40); in SHA256_transform()
325 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 41); in SHA256_transform()
326 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 42); in SHA256_transform()
327 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 43); in SHA256_transform()
328 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 44); in SHA256_transform()
329 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 45); in SHA256_transform()
330 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 46); in SHA256_transform()
331 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 47); in SHA256_transform()
332 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 48); in SHA256_transform()
333 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 49); in SHA256_transform()
334 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 50); in SHA256_transform()
335 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 51); in SHA256_transform()
336 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 52); in SHA256_transform()
337 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 53); in SHA256_transform()
338 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 54); in SHA256_transform()
339 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 55); in SHA256_transform()
340 SHA256_EXP(0, 1, 2, 3, 4, 5, 6, 7, 56); in SHA256_transform()
341 SHA256_EXP(7, 0, 1, 2, 3, 4, 5, 6, 57); in SHA256_transform()
342 SHA256_EXP(6, 7, 0, 1, 2, 3, 4, 5, 58); in SHA256_transform()
343 SHA256_EXP(5, 6, 7, 0, 1, 2, 3, 4, 59); in SHA256_transform()
344 SHA256_EXP(4, 5, 6, 7, 0, 1, 2, 3, 60); in SHA256_transform()
345 SHA256_EXP(3, 4, 5, 6, 7, 0, 1, 2, 61); in SHA256_transform()
346 SHA256_EXP(2, 3, 4, 5, 6, 7, 0, 1, 62); in SHA256_transform()
347 SHA256_EXP(1, 2, 3, 4, 5, 6, 7, 0, 63); in SHA256_transform()
349 ctx->h[0] += wv[0]; in SHA256_transform()
350 ctx->h[1] += wv[1]; in SHA256_transform()
351 ctx->h[2] += wv[2]; in SHA256_transform()
352 ctx->h[3] += wv[3]; in SHA256_transform()
353 ctx->h[4] += wv[4]; in SHA256_transform()
354 ctx->h[5] += wv[5]; in SHA256_transform()
355 ctx->h[6] += wv[6]; in SHA256_transform()
356 ctx->h[7] += wv[7]; in SHA256_transform()
366 tmp_len = AVB_SHA256_BLOCK_SIZE - ctx->len; in avb_sha256_update()
369 avb_memcpy(&ctx->block[ctx->len], data, rem_len); in avb_sha256_update()
371 if (ctx->len + len < AVB_SHA256_BLOCK_SIZE) { in avb_sha256_update()
372 ctx->len += len; in avb_sha256_update()
376 new_len = len - rem_len; in avb_sha256_update()
381 SHA256_transform(ctx, ctx->block, 1); in avb_sha256_update()
386 avb_memcpy(ctx->block, &shifted_data[block_nb << 6], rem_len); in avb_sha256_update()
388 ctx->len = rem_len; in avb_sha256_update()
389 ctx->tot_len += (block_nb + 1) << 6; in avb_sha256_update()
401 (1 + ((AVB_SHA256_BLOCK_SIZE - 9) < (ctx->len % AVB_SHA256_BLOCK_SIZE))); in avb_sha256_final()
403 len_b = (ctx->tot_len + ctx->len) << 3; in avb_sha256_final()
404 pm_len = block_nb << 6; in avb_sha256_final()
406 avb_memset(ctx->block + ctx->len, 0, pm_len - ctx->len); in avb_sha256_final()
407 ctx->block[ctx->len] = 0x80; in avb_sha256_final()
408 UNPACK64(len_b, ctx->block + pm_len - 8); in avb_sha256_final()
410 SHA256_transform(ctx, ctx->block, block_nb); in avb_sha256_final()
413 for (i = 0; i < 8; i++) { in avb_sha256_final()
414 UNPACK32(ctx->h[i], &ctx->buf[i << 2]); in avb_sha256_final()
417 UNPACK32(ctx->h[0], &ctx->buf[0]); in avb_sha256_final()
418 UNPACK32(ctx->h[1], &ctx->buf[4]); in avb_sha256_final()
419 UNPACK32(ctx->h[2], &ctx->buf[8]); in avb_sha256_final()
420 UNPACK32(ctx->h[3], &ctx->buf[12]); in avb_sha256_final()
421 UNPACK32(ctx->h[4], &ctx->buf[16]); in avb_sha256_final()
422 UNPACK32(ctx->h[5], &ctx->buf[20]); in avb_sha256_final()
423 UNPACK32(ctx->h[6], &ctx->buf[24]); in avb_sha256_final()
424 UNPACK32(ctx->h[7], &ctx->buf[28]); in avb_sha256_final()
427 return ctx->buf; in avb_sha256_final()