Lines Matching +full:- +full:p
4 * FIPS-180-1 compliant SHA-1 implementation
6 * Copyright (C) 2003-2006 Christophe Devine
8 * SPDX-License-Identifier: LGPL-2.1
11 * The SHA-1 standard was published by NIST in 1993.
13 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
28 #include <u-boot/sha1.h>
45 * 32-bit integer manipulation macros (big endian)
65 * SHA-1 context setup
74 ctx->cdev = NULL; in sha1_starts()
75 if (ctx->length) { in sha1_starts()
76 ctx->cdev = crypto_get_device(algo); in sha1_starts()
77 if (ctx->cdev) { in sha1_starts()
79 cctx.length = ctx->length; in sha1_starts()
80 crypto_sha_init(ctx->cdev, &cctx); in sha1_starts()
86 ctx->total[0] = 0; in sha1_starts()
87 ctx->total[1] = 0; in sha1_starts()
89 ctx->state[0] = 0x67452301; in sha1_starts()
90 ctx->state[1] = 0xEFCDAB89; in sha1_starts()
91 ctx->state[2] = 0x98BADCFE; in sha1_starts()
92 ctx->state[3] = 0x10325476; in sha1_starts()
93 ctx->state[4] = 0xC3D2E1F0; in sha1_starts()
117 #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) in sha1_process_one()
120 temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \ in sha1_process_one()
121 W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \ in sha1_process_one()
125 #define P(a,b,c,d,e,x) { \ in sha1_process_one() macro
129 A = ctx->state[0]; in sha1_process_one()
130 B = ctx->state[1]; in sha1_process_one()
131 C = ctx->state[2]; in sha1_process_one()
132 D = ctx->state[3]; in sha1_process_one()
133 E = ctx->state[4]; in sha1_process_one()
138 P (A, B, C, D, E, W[0]); in sha1_process_one()
139 P (E, A, B, C, D, W[1]); in sha1_process_one()
140 P (D, E, A, B, C, W[2]); in sha1_process_one()
141 P (C, D, E, A, B, W[3]); in sha1_process_one()
142 P (B, C, D, E, A, W[4]); in sha1_process_one()
143 P (A, B, C, D, E, W[5]); in sha1_process_one()
144 P (E, A, B, C, D, W[6]); in sha1_process_one()
145 P (D, E, A, B, C, W[7]); in sha1_process_one()
146 P (C, D, E, A, B, W[8]); in sha1_process_one()
147 P (B, C, D, E, A, W[9]); in sha1_process_one()
148 P (A, B, C, D, E, W[10]); in sha1_process_one()
149 P (E, A, B, C, D, W[11]); in sha1_process_one()
150 P (D, E, A, B, C, W[12]); in sha1_process_one()
151 P (C, D, E, A, B, W[13]); in sha1_process_one()
152 P (B, C, D, E, A, W[14]); in sha1_process_one()
153 P (A, B, C, D, E, W[15]); in sha1_process_one()
154 P (E, A, B, C, D, R (16)); in sha1_process_one()
155 P (D, E, A, B, C, R (17)); in sha1_process_one()
156 P (C, D, E, A, B, R (18)); in sha1_process_one()
157 P (B, C, D, E, A, R (19)); in sha1_process_one()
165 P (A, B, C, D, E, R (20)); in sha1_process_one()
166 P (E, A, B, C, D, R (21)); in sha1_process_one()
167 P (D, E, A, B, C, R (22)); in sha1_process_one()
168 P (C, D, E, A, B, R (23)); in sha1_process_one()
169 P (B, C, D, E, A, R (24)); in sha1_process_one()
170 P (A, B, C, D, E, R (25)); in sha1_process_one()
171 P (E, A, B, C, D, R (26)); in sha1_process_one()
172 P (D, E, A, B, C, R (27)); in sha1_process_one()
173 P (C, D, E, A, B, R (28)); in sha1_process_one()
174 P (B, C, D, E, A, R (29)); in sha1_process_one()
175 P (A, B, C, D, E, R (30)); in sha1_process_one()
176 P (E, A, B, C, D, R (31)); in sha1_process_one()
177 P (D, E, A, B, C, R (32)); in sha1_process_one()
178 P (C, D, E, A, B, R (33)); in sha1_process_one()
179 P (B, C, D, E, A, R (34)); in sha1_process_one()
180 P (A, B, C, D, E, R (35)); in sha1_process_one()
181 P (E, A, B, C, D, R (36)); in sha1_process_one()
182 P (D, E, A, B, C, R (37)); in sha1_process_one()
183 P (C, D, E, A, B, R (38)); in sha1_process_one()
184 P (B, C, D, E, A, R (39)); in sha1_process_one()
192 P (A, B, C, D, E, R (40)); in sha1_process_one()
193 P (E, A, B, C, D, R (41)); in sha1_process_one()
194 P (D, E, A, B, C, R (42)); in sha1_process_one()
195 P (C, D, E, A, B, R (43)); in sha1_process_one()
196 P (B, C, D, E, A, R (44)); in sha1_process_one()
197 P (A, B, C, D, E, R (45)); in sha1_process_one()
198 P (E, A, B, C, D, R (46)); in sha1_process_one()
199 P (D, E, A, B, C, R (47)); in sha1_process_one()
200 P (C, D, E, A, B, R (48)); in sha1_process_one()
201 P (B, C, D, E, A, R (49)); in sha1_process_one()
202 P (A, B, C, D, E, R (50)); in sha1_process_one()
203 P (E, A, B, C, D, R (51)); in sha1_process_one()
204 P (D, E, A, B, C, R (52)); in sha1_process_one()
205 P (C, D, E, A, B, R (53)); in sha1_process_one()
206 P (B, C, D, E, A, R (54)); in sha1_process_one()
207 P (A, B, C, D, E, R (55)); in sha1_process_one()
208 P (E, A, B, C, D, R (56)); in sha1_process_one()
209 P (D, E, A, B, C, R (57)); in sha1_process_one()
210 P (C, D, E, A, B, R (58)); in sha1_process_one()
211 P (B, C, D, E, A, R (59)); in sha1_process_one()
219 P (A, B, C, D, E, R (60)); in sha1_process_one()
220 P (E, A, B, C, D, R (61)); in sha1_process_one()
221 P (D, E, A, B, C, R (62)); in sha1_process_one()
222 P (C, D, E, A, B, R (63)); in sha1_process_one()
223 P (B, C, D, E, A, R (64)); in sha1_process_one()
224 P (A, B, C, D, E, R (65)); in sha1_process_one()
225 P (E, A, B, C, D, R (66)); in sha1_process_one()
226 P (D, E, A, B, C, R (67)); in sha1_process_one()
227 P (C, D, E, A, B, R (68)); in sha1_process_one()
228 P (B, C, D, E, A, R (69)); in sha1_process_one()
229 P (A, B, C, D, E, R (70)); in sha1_process_one()
230 P (E, A, B, C, D, R (71)); in sha1_process_one()
231 P (D, E, A, B, C, R (72)); in sha1_process_one()
232 P (C, D, E, A, B, R (73)); in sha1_process_one()
233 P (B, C, D, E, A, R (74)); in sha1_process_one()
234 P (A, B, C, D, E, R (75)); in sha1_process_one()
235 P (E, A, B, C, D, R (76)); in sha1_process_one()
236 P (D, E, A, B, C, R (77)); in sha1_process_one()
237 P (C, D, E, A, B, R (78)); in sha1_process_one()
238 P (B, C, D, E, A, R (79)); in sha1_process_one()
243 ctx->state[0] += A; in sha1_process_one()
244 ctx->state[1] += B; in sha1_process_one()
245 ctx->state[2] += C; in sha1_process_one()
246 ctx->state[3] += D; in sha1_process_one()
247 ctx->state[4] += E; in sha1_process_one()
256 while (blocks--) { in sha1_process()
263 * SHA-1 process buffer
275 if (ctx->cdev) { in sha1_update()
276 crypto_sha_update(ctx->cdev, (void *)input, ilen); in sha1_update()
281 left = ctx->total[0] & 0x3F; in sha1_update()
282 fill = 64 - left; in sha1_update()
284 ctx->total[0] += ilen; in sha1_update()
285 ctx->total[0] &= 0xFFFFFFFF; in sha1_update()
287 if (ctx->total[0] < (unsigned long) ilen) in sha1_update()
288 ctx->total[1]++; in sha1_update()
291 memcpy ((void *) (ctx->buffer + left), (void *) input, fill); in sha1_update()
292 sha1_process(ctx, ctx->buffer, 1); in sha1_update()
294 ilen -= fill; in sha1_update()
303 memcpy ((void *) (ctx->buffer + left), (void *) input, ilen); in sha1_update()
315 * SHA-1 final digest
327 if (ctx->cdev) { in sha1_finish()
329 cctx.length = ctx->length; in sha1_finish()
330 crypto_sha_final(ctx->cdev, &cctx, output); in sha1_finish()
335 high = (ctx->total[0] >> 29) in sha1_finish()
336 | (ctx->total[1] << 3); in sha1_finish()
337 low = (ctx->total[0] << 3); in sha1_finish()
342 last = ctx->total[0] & 0x3F; in sha1_finish()
343 padn = (last < 56) ? (56 - last) : (120 - last); in sha1_finish()
348 PUT_UINT32_BE (ctx->state[0], output, 0); in sha1_finish()
349 PUT_UINT32_BE (ctx->state[1], output, 4); in sha1_finish()
350 PUT_UINT32_BE (ctx->state[2], output, 8); in sha1_finish()
351 PUT_UINT32_BE (ctx->state[3], output, 12); in sha1_finish()
352 PUT_UINT32_BE (ctx->state[4], output, 16); in sha1_finish()
356 * Output = SHA-1( input buffer )
374 * Output = SHA-1( input buffer ). Trigger the watchdog every 'chunk_sz'
396 chunk = end - curr; in sha1_csum_wd()
411 * Output = HMAC-SHA-1( input buffer, hmac key )
462 * FIPS-180-1 test vectors
490 printf (" SHA-1 test #%d: ", i + 1); in sha1_self_test()