1*4882a593Smuzhiyun #include <stdio.h>
2*4882a593Smuzhiyun #include <stdlib.h>
3*4882a593Smuzhiyun #include <string.h>
4*4882a593Smuzhiyun #include <assert.h>
5*4882a593Smuzhiyun #include "aes_core.h"
6*4882a593Smuzhiyun
7*4882a593Smuzhiyun #define UL64(x) x##ULL
8*4882a593Smuzhiyun #ifndef uint64_t
9*4882a593Smuzhiyun #define uint64_t unsigned long long int
10*4882a593Smuzhiyun #endif
11*4882a593Smuzhiyun
12*4882a593Smuzhiyun enum {
13*4882a593Smuzhiyun SHA_384 = 0,
14*4882a593Smuzhiyun SHA_512,
15*4882a593Smuzhiyun SHA_512_224,
16*4882a593Smuzhiyun SHA_512_256
17*4882a593Smuzhiyun };
18*4882a593Smuzhiyun
19*4882a593Smuzhiyun /**
20*4882a593Smuzhiyun * \brief SHA-512 context structure
21*4882a593Smuzhiyun */
22*4882a593Smuzhiyun typedef struct
23*4882a593Smuzhiyun {
24*4882a593Smuzhiyun uint64_t total[2]; /*!< number of bytes processed */
25*4882a593Smuzhiyun uint64_t state[8]; /*!< intermediate digest state */
26*4882a593Smuzhiyun unsigned char buffer[128]; /*!< data block being processed */
27*4882a593Smuzhiyun int is384; /*!< 0 => SHA-512, else SHA-384 */
28*4882a593Smuzhiyun }
29*4882a593Smuzhiyun RK_SHA512_CTX;
30*4882a593Smuzhiyun
31*4882a593Smuzhiyun /* Implementation that should never be optimized out by the compiler */
mbedtls_zeroize(void * v,size_t n)32*4882a593Smuzhiyun static void mbedtls_zeroize( void *v, size_t n ) {
33*4882a593Smuzhiyun volatile unsigned char *p = v; while( n-- ) *p++ = 0;
34*4882a593Smuzhiyun }
35*4882a593Smuzhiyun
36*4882a593Smuzhiyun /*
37*4882a593Smuzhiyun * 64-bit integer manipulation macros (big endian)
38*4882a593Smuzhiyun */
39*4882a593Smuzhiyun #ifndef GET_UINT64_BE
40*4882a593Smuzhiyun #define GET_UINT64_BE(n,b,i) \
41*4882a593Smuzhiyun { \
42*4882a593Smuzhiyun (n) = ( (uint64_t) (b)[(i) ] << 56 ) \
43*4882a593Smuzhiyun | ( (uint64_t) (b)[(i) + 1] << 48 ) \
44*4882a593Smuzhiyun | ( (uint64_t) (b)[(i) + 2] << 40 ) \
45*4882a593Smuzhiyun | ( (uint64_t) (b)[(i) + 3] << 32 ) \
46*4882a593Smuzhiyun | ( (uint64_t) (b)[(i) + 4] << 24 ) \
47*4882a593Smuzhiyun | ( (uint64_t) (b)[(i) + 5] << 16 ) \
48*4882a593Smuzhiyun | ( (uint64_t) (b)[(i) + 6] << 8 ) \
49*4882a593Smuzhiyun | ( (uint64_t) (b)[(i) + 7] ); \
50*4882a593Smuzhiyun }
51*4882a593Smuzhiyun #endif /* GET_UINT64_BE */
52*4882a593Smuzhiyun
53*4882a593Smuzhiyun #ifndef PUT_UINT64_BE
54*4882a593Smuzhiyun #define PUT_UINT64_BE(n,b,i) \
55*4882a593Smuzhiyun { \
56*4882a593Smuzhiyun (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \
57*4882a593Smuzhiyun (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \
58*4882a593Smuzhiyun (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \
59*4882a593Smuzhiyun (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \
60*4882a593Smuzhiyun (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \
61*4882a593Smuzhiyun (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \
62*4882a593Smuzhiyun (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \
63*4882a593Smuzhiyun (b)[(i) + 7] = (unsigned char) ( (n) ); \
64*4882a593Smuzhiyun }
65*4882a593Smuzhiyun #endif /* PUT_UINT64_BE */
66*4882a593Smuzhiyun
mbedtls_sha512_init(RK_SHA512_CTX * ctx)67*4882a593Smuzhiyun void mbedtls_sha512_init( RK_SHA512_CTX *ctx )
68*4882a593Smuzhiyun {
69*4882a593Smuzhiyun memset( ctx, 0, sizeof( RK_SHA512_CTX ) );
70*4882a593Smuzhiyun }
71*4882a593Smuzhiyun
mbedtls_sha512_free(RK_SHA512_CTX * ctx)72*4882a593Smuzhiyun void mbedtls_sha512_free( RK_SHA512_CTX *ctx )
73*4882a593Smuzhiyun {
74*4882a593Smuzhiyun if( ctx == NULL )
75*4882a593Smuzhiyun return;
76*4882a593Smuzhiyun
77*4882a593Smuzhiyun mbedtls_zeroize( ctx, sizeof( RK_SHA512_CTX ) );
78*4882a593Smuzhiyun }
79*4882a593Smuzhiyun
mbedtls_sha512_clone(RK_SHA512_CTX * dst,const RK_SHA512_CTX * src)80*4882a593Smuzhiyun void mbedtls_sha512_clone( RK_SHA512_CTX *dst,
81*4882a593Smuzhiyun const RK_SHA512_CTX *src )
82*4882a593Smuzhiyun {
83*4882a593Smuzhiyun *dst = *src;
84*4882a593Smuzhiyun }
85*4882a593Smuzhiyun
86*4882a593Smuzhiyun /*
87*4882a593Smuzhiyun * SHA-512 context setup
88*4882a593Smuzhiyun */
mbedtls_sha512_starts(RK_SHA512_CTX * ctx,int type)89*4882a593Smuzhiyun void mbedtls_sha512_starts( RK_SHA512_CTX *ctx, int type)
90*4882a593Smuzhiyun {
91*4882a593Smuzhiyun ctx->total[0] = 0;
92*4882a593Smuzhiyun ctx->total[1] = 0;
93*4882a593Smuzhiyun
94*4882a593Smuzhiyun if( type == SHA_512)
95*4882a593Smuzhiyun {
96*4882a593Smuzhiyun /* SHA-512 */
97*4882a593Smuzhiyun ctx->state[0] = UL64(0x6A09E667F3BCC908);
98*4882a593Smuzhiyun ctx->state[1] = UL64(0xBB67AE8584CAA73B);
99*4882a593Smuzhiyun ctx->state[2] = UL64(0x3C6EF372FE94F82B);
100*4882a593Smuzhiyun ctx->state[3] = UL64(0xA54FF53A5F1D36F1);
101*4882a593Smuzhiyun ctx->state[4] = UL64(0x510E527FADE682D1);
102*4882a593Smuzhiyun ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
103*4882a593Smuzhiyun ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
104*4882a593Smuzhiyun ctx->state[7] = UL64(0x5BE0CD19137E2179);
105*4882a593Smuzhiyun }
106*4882a593Smuzhiyun else if (type == SHA_384)
107*4882a593Smuzhiyun {
108*4882a593Smuzhiyun /* SHA-384 */
109*4882a593Smuzhiyun ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
110*4882a593Smuzhiyun ctx->state[1] = UL64(0x629A292A367CD507);
111*4882a593Smuzhiyun ctx->state[2] = UL64(0x9159015A3070DD17);
112*4882a593Smuzhiyun ctx->state[3] = UL64(0x152FECD8F70E5939);
113*4882a593Smuzhiyun ctx->state[4] = UL64(0x67332667FFC00B31);
114*4882a593Smuzhiyun ctx->state[5] = UL64(0x8EB44A8768581511);
115*4882a593Smuzhiyun ctx->state[6] = UL64(0xDB0C2E0D64F98FA7);
116*4882a593Smuzhiyun ctx->state[7] = UL64(0x47B5481DBEFA4FA4);
117*4882a593Smuzhiyun ctx->is384 = 1;
118*4882a593Smuzhiyun }
119*4882a593Smuzhiyun else if (type == SHA_512_224)
120*4882a593Smuzhiyun {
121*4882a593Smuzhiyun ctx->state[0] = UL64(0x8C3D37C819544DA2);
122*4882a593Smuzhiyun ctx->state[1] = UL64(0x73E1996689DCD4D6);
123*4882a593Smuzhiyun ctx->state[2] = UL64(0x1DFAB7AE32FF9C82);
124*4882a593Smuzhiyun ctx->state[3] = UL64(0x679DD514582F9FCF);
125*4882a593Smuzhiyun ctx->state[4] = UL64(0x0F6D2B697BD44DA8);
126*4882a593Smuzhiyun ctx->state[5] = UL64(0x77E36F7304C48942);
127*4882a593Smuzhiyun ctx->state[6] = UL64(0x3F9D85A86A1D36C8);
128*4882a593Smuzhiyun ctx->state[7] = UL64(0x1112E6AD91D692A1);
129*4882a593Smuzhiyun }
130*4882a593Smuzhiyun else if (type == SHA_512_256)
131*4882a593Smuzhiyun {
132*4882a593Smuzhiyun ctx->state[0] = UL64(0x22312194FC2BF72C);
133*4882a593Smuzhiyun ctx->state[1] = UL64(0x9F555FA3C84C64C2);
134*4882a593Smuzhiyun ctx->state[2] = UL64(0x2393B86B6F53B151);
135*4882a593Smuzhiyun ctx->state[3] = UL64(0x963877195940EABD);
136*4882a593Smuzhiyun ctx->state[4] = UL64(0x96283EE2A88EFFE3);
137*4882a593Smuzhiyun ctx->state[5] = UL64(0xBE5E1E2553863992);
138*4882a593Smuzhiyun ctx->state[6] = UL64(0x2B0199FC2C85B8AA);
139*4882a593Smuzhiyun ctx->state[7] = UL64(0x0EB72DDC81C52CA2);
140*4882a593Smuzhiyun }
141*4882a593Smuzhiyun else
142*4882a593Smuzhiyun {
143*4882a593Smuzhiyun ;
144*4882a593Smuzhiyun }
145*4882a593Smuzhiyun }
146*4882a593Smuzhiyun
147*4882a593Smuzhiyun /*
148*4882a593Smuzhiyun * Round constants
149*4882a593Smuzhiyun */
150*4882a593Smuzhiyun static const uint64_t K[80] =
151*4882a593Smuzhiyun {
152*4882a593Smuzhiyun UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD),
153*4882a593Smuzhiyun UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC),
154*4882a593Smuzhiyun UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019),
155*4882a593Smuzhiyun UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118),
156*4882a593Smuzhiyun UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE),
157*4882a593Smuzhiyun UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2),
158*4882a593Smuzhiyun UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1),
159*4882a593Smuzhiyun UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694),
160*4882a593Smuzhiyun UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3),
161*4882a593Smuzhiyun UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65),
162*4882a593Smuzhiyun UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483),
163*4882a593Smuzhiyun UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5),
164*4882a593Smuzhiyun UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210),
165*4882a593Smuzhiyun UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4),
166*4882a593Smuzhiyun UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725),
167*4882a593Smuzhiyun UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70),
168*4882a593Smuzhiyun UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926),
169*4882a593Smuzhiyun UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF),
170*4882a593Smuzhiyun UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8),
171*4882a593Smuzhiyun UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B),
172*4882a593Smuzhiyun UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001),
173*4882a593Smuzhiyun UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30),
174*4882a593Smuzhiyun UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910),
175*4882a593Smuzhiyun UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8),
176*4882a593Smuzhiyun UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53),
177*4882a593Smuzhiyun UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8),
178*4882a593Smuzhiyun UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB),
179*4882a593Smuzhiyun UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3),
180*4882a593Smuzhiyun UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60),
181*4882a593Smuzhiyun UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC),
182*4882a593Smuzhiyun UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9),
183*4882a593Smuzhiyun UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B),
184*4882a593Smuzhiyun UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207),
185*4882a593Smuzhiyun UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178),
186*4882a593Smuzhiyun UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6),
187*4882a593Smuzhiyun UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B),
188*4882a593Smuzhiyun UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493),
189*4882a593Smuzhiyun UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C),
190*4882a593Smuzhiyun UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A),
191*4882a593Smuzhiyun UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
192*4882a593Smuzhiyun };
193*4882a593Smuzhiyun
mbedtls_sha512_process(RK_SHA512_CTX * ctx,const unsigned char data[128])194*4882a593Smuzhiyun void mbedtls_sha512_process( RK_SHA512_CTX *ctx, const unsigned char data[128] )
195*4882a593Smuzhiyun {
196*4882a593Smuzhiyun int i;
197*4882a593Smuzhiyun uint64_t temp1, temp2, W[80];
198*4882a593Smuzhiyun uint64_t A, B, C, D, E, F, G, H;
199*4882a593Smuzhiyun
200*4882a593Smuzhiyun #define SHR(x,n) (x >> n)
201*4882a593Smuzhiyun #define ROTR(x,n) (SHR(x,n) | (x << (64 - n)))
202*4882a593Smuzhiyun
203*4882a593Smuzhiyun #define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7))
204*4882a593Smuzhiyun #define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6))
205*4882a593Smuzhiyun
206*4882a593Smuzhiyun #define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
207*4882a593Smuzhiyun #define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
208*4882a593Smuzhiyun
209*4882a593Smuzhiyun #define F0(x,y,z) ((x & y) | (z & (x | y)))
210*4882a593Smuzhiyun #define F1(x,y,z) (z ^ (x & (y ^ z)))
211*4882a593Smuzhiyun
212*4882a593Smuzhiyun #define P(a,b,c,d,e,f,g,h,x,K) \
213*4882a593Smuzhiyun { \
214*4882a593Smuzhiyun temp1 = h + S3(e) + F1(e,f,g) + K + x; \
215*4882a593Smuzhiyun temp2 = S2(a) + F0(a,b,c); \
216*4882a593Smuzhiyun d += temp1; h = temp1 + temp2; \
217*4882a593Smuzhiyun }
218*4882a593Smuzhiyun
219*4882a593Smuzhiyun for( i = 0; i < 16; i++ )
220*4882a593Smuzhiyun {
221*4882a593Smuzhiyun GET_UINT64_BE( W[i], data, i << 3 );
222*4882a593Smuzhiyun }
223*4882a593Smuzhiyun
224*4882a593Smuzhiyun for( ; i < 80; i++ )
225*4882a593Smuzhiyun {
226*4882a593Smuzhiyun W[i] = S1(W[i - 2]) + W[i - 7] +
227*4882a593Smuzhiyun S0(W[i - 15]) + W[i - 16];
228*4882a593Smuzhiyun }
229*4882a593Smuzhiyun
230*4882a593Smuzhiyun A = ctx->state[0];
231*4882a593Smuzhiyun B = ctx->state[1];
232*4882a593Smuzhiyun C = ctx->state[2];
233*4882a593Smuzhiyun D = ctx->state[3];
234*4882a593Smuzhiyun E = ctx->state[4];
235*4882a593Smuzhiyun F = ctx->state[5];
236*4882a593Smuzhiyun G = ctx->state[6];
237*4882a593Smuzhiyun H = ctx->state[7];
238*4882a593Smuzhiyun i = 0;
239*4882a593Smuzhiyun
240*4882a593Smuzhiyun do
241*4882a593Smuzhiyun {
242*4882a593Smuzhiyun P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++;
243*4882a593Smuzhiyun P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++;
244*4882a593Smuzhiyun P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++;
245*4882a593Smuzhiyun P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++;
246*4882a593Smuzhiyun P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++;
247*4882a593Smuzhiyun P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++;
248*4882a593Smuzhiyun P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++;
249*4882a593Smuzhiyun P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++;
250*4882a593Smuzhiyun }
251*4882a593Smuzhiyun while( i < 80 );
252*4882a593Smuzhiyun
253*4882a593Smuzhiyun ctx->state[0] += A;
254*4882a593Smuzhiyun ctx->state[1] += B;
255*4882a593Smuzhiyun ctx->state[2] += C;
256*4882a593Smuzhiyun ctx->state[3] += D;
257*4882a593Smuzhiyun ctx->state[4] += E;
258*4882a593Smuzhiyun ctx->state[5] += F;
259*4882a593Smuzhiyun ctx->state[6] += G;
260*4882a593Smuzhiyun ctx->state[7] += H;
261*4882a593Smuzhiyun }
262*4882a593Smuzhiyun
263*4882a593Smuzhiyun /*
264*4882a593Smuzhiyun * SHA-512 process buffer
265*4882a593Smuzhiyun */
mbedtls_sha512_update(RK_SHA512_CTX * ctx,const unsigned char * input,size_t ilen)266*4882a593Smuzhiyun void mbedtls_sha512_update( RK_SHA512_CTX *ctx, const unsigned char *input,
267*4882a593Smuzhiyun size_t ilen )
268*4882a593Smuzhiyun {
269*4882a593Smuzhiyun size_t fill;
270*4882a593Smuzhiyun unsigned int left;
271*4882a593Smuzhiyun
272*4882a593Smuzhiyun if( ilen == 0 )
273*4882a593Smuzhiyun return;
274*4882a593Smuzhiyun
275*4882a593Smuzhiyun left = (unsigned int) (ctx->total[0] & 0x7F);
276*4882a593Smuzhiyun fill = 128 - left;
277*4882a593Smuzhiyun
278*4882a593Smuzhiyun ctx->total[0] += (uint64_t) ilen;
279*4882a593Smuzhiyun
280*4882a593Smuzhiyun if( ctx->total[0] < (uint64_t) ilen )
281*4882a593Smuzhiyun ctx->total[1]++;
282*4882a593Smuzhiyun
283*4882a593Smuzhiyun if( left && ilen >= fill )
284*4882a593Smuzhiyun {
285*4882a593Smuzhiyun memcpy( (void *) (ctx->buffer + left), input, fill );
286*4882a593Smuzhiyun mbedtls_sha512_process( ctx, ctx->buffer );
287*4882a593Smuzhiyun input += fill;
288*4882a593Smuzhiyun ilen -= fill;
289*4882a593Smuzhiyun left = 0;
290*4882a593Smuzhiyun }
291*4882a593Smuzhiyun
292*4882a593Smuzhiyun while( ilen >= 128 )
293*4882a593Smuzhiyun {
294*4882a593Smuzhiyun mbedtls_sha512_process( ctx, input );
295*4882a593Smuzhiyun input += 128;
296*4882a593Smuzhiyun ilen -= 128;
297*4882a593Smuzhiyun }
298*4882a593Smuzhiyun
299*4882a593Smuzhiyun if( ilen > 0 )
300*4882a593Smuzhiyun memcpy( (void *) (ctx->buffer + left), input, ilen );
301*4882a593Smuzhiyun }
302*4882a593Smuzhiyun
303*4882a593Smuzhiyun static const unsigned char sha512_padding[128] =
304*4882a593Smuzhiyun {
305*4882a593Smuzhiyun 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
306*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
307*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
308*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
309*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
310*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
311*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
312*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
313*4882a593Smuzhiyun };
314*4882a593Smuzhiyun
315*4882a593Smuzhiyun /*
316*4882a593Smuzhiyun * SHA-512 final digest
317*4882a593Smuzhiyun */
mbedtls_sha512_finish(RK_SHA512_CTX * ctx,unsigned char output[64])318*4882a593Smuzhiyun void mbedtls_sha512_finish( RK_SHA512_CTX *ctx, unsigned char output[64] )
319*4882a593Smuzhiyun {
320*4882a593Smuzhiyun size_t last, padn;
321*4882a593Smuzhiyun uint64_t high, low;
322*4882a593Smuzhiyun unsigned char msglen[16];
323*4882a593Smuzhiyun
324*4882a593Smuzhiyun high = ( ctx->total[0] >> 61 )
325*4882a593Smuzhiyun | ( ctx->total[1] << 3 );
326*4882a593Smuzhiyun low = ( ctx->total[0] << 3 );
327*4882a593Smuzhiyun
328*4882a593Smuzhiyun PUT_UINT64_BE( high, msglen, 0 );
329*4882a593Smuzhiyun PUT_UINT64_BE( low, msglen, 8 );
330*4882a593Smuzhiyun
331*4882a593Smuzhiyun last = (size_t)( ctx->total[0] & 0x7F );
332*4882a593Smuzhiyun padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
333*4882a593Smuzhiyun
334*4882a593Smuzhiyun mbedtls_sha512_update( ctx, sha512_padding, padn );
335*4882a593Smuzhiyun mbedtls_sha512_update( ctx, msglen, 16 );
336*4882a593Smuzhiyun
337*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[0], output, 0 );
338*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[1], output, 8 );
339*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[2], output, 16 );
340*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[3], output, 24 );
341*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[4], output, 32 );
342*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[5], output, 40 );
343*4882a593Smuzhiyun
344*4882a593Smuzhiyun if( ctx->is384 == 0 )
345*4882a593Smuzhiyun {
346*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[6], output, 48 );
347*4882a593Smuzhiyun PUT_UINT64_BE( ctx->state[7], output, 56 );
348*4882a593Smuzhiyun }
349*4882a593Smuzhiyun }
350*4882a593Smuzhiyun
351*4882a593Smuzhiyun
352*4882a593Smuzhiyun /*
353*4882a593Smuzhiyun * output = SHA-512( input buffer )
354*4882a593Smuzhiyun */
rk_hash_sha512(const unsigned char * in,unsigned int in_len,unsigned char * out,unsigned int * out_len)355*4882a593Smuzhiyun int rk_hash_sha512(const unsigned char *in, unsigned int in_len,
356*4882a593Smuzhiyun unsigned char *out, unsigned int *out_len)
357*4882a593Smuzhiyun {
358*4882a593Smuzhiyun RK_SHA512_CTX ctx;
359*4882a593Smuzhiyun
360*4882a593Smuzhiyun if (in == NULL && in_len != 0)
361*4882a593Smuzhiyun return -1;
362*4882a593Smuzhiyun
363*4882a593Smuzhiyun if(out == NULL || out_len == NULL)
364*4882a593Smuzhiyun return -1;
365*4882a593Smuzhiyun
366*4882a593Smuzhiyun mbedtls_sha512_init( &ctx );
367*4882a593Smuzhiyun mbedtls_sha512_starts( &ctx, SHA_512);
368*4882a593Smuzhiyun mbedtls_sha512_update( &ctx, in, in_len );
369*4882a593Smuzhiyun mbedtls_sha512_finish( &ctx, out );
370*4882a593Smuzhiyun mbedtls_sha512_free( &ctx );
371*4882a593Smuzhiyun *out_len = 64;
372*4882a593Smuzhiyun return 0;
373*4882a593Smuzhiyun }
374*4882a593Smuzhiyun
rk_hash_sha384(const unsigned char * in,unsigned int in_len,unsigned char * out,unsigned int * out_len)375*4882a593Smuzhiyun int rk_hash_sha384(const unsigned char *in, unsigned int in_len,
376*4882a593Smuzhiyun unsigned char *out, unsigned int *out_len)
377*4882a593Smuzhiyun {
378*4882a593Smuzhiyun RK_SHA512_CTX ctx;
379*4882a593Smuzhiyun
380*4882a593Smuzhiyun if (in == NULL && in_len != 0)
381*4882a593Smuzhiyun return -1;
382*4882a593Smuzhiyun
383*4882a593Smuzhiyun if(out == NULL || out_len == NULL)
384*4882a593Smuzhiyun return -1;
385*4882a593Smuzhiyun
386*4882a593Smuzhiyun mbedtls_sha512_init( &ctx );
387*4882a593Smuzhiyun mbedtls_sha512_starts( &ctx, SHA_384);
388*4882a593Smuzhiyun mbedtls_sha512_update( &ctx, in, in_len );
389*4882a593Smuzhiyun mbedtls_sha512_finish( &ctx, out );
390*4882a593Smuzhiyun mbedtls_sha512_free( &ctx );
391*4882a593Smuzhiyun *out_len = 48;
392*4882a593Smuzhiyun return 0;
393*4882a593Smuzhiyun }
394*4882a593Smuzhiyun
rk_hash_sha512_224(const unsigned char * in,unsigned int in_len,unsigned char * out,unsigned int * out_len)395*4882a593Smuzhiyun int rk_hash_sha512_224(const unsigned char *in, unsigned int in_len,
396*4882a593Smuzhiyun unsigned char *out, unsigned int *out_len)
397*4882a593Smuzhiyun {
398*4882a593Smuzhiyun RK_SHA512_CTX ctx;
399*4882a593Smuzhiyun
400*4882a593Smuzhiyun if (in == NULL && in_len != 0)
401*4882a593Smuzhiyun return -1;
402*4882a593Smuzhiyun
403*4882a593Smuzhiyun if(out == NULL || out_len == NULL)
404*4882a593Smuzhiyun return -1;
405*4882a593Smuzhiyun
406*4882a593Smuzhiyun mbedtls_sha512_init( &ctx );
407*4882a593Smuzhiyun mbedtls_sha512_starts( &ctx, SHA_512_224);
408*4882a593Smuzhiyun mbedtls_sha512_update( &ctx, in, in_len );
409*4882a593Smuzhiyun mbedtls_sha512_finish( &ctx, out );
410*4882a593Smuzhiyun mbedtls_sha512_free( &ctx );
411*4882a593Smuzhiyun *out_len = 28;
412*4882a593Smuzhiyun return 0;
413*4882a593Smuzhiyun }
414*4882a593Smuzhiyun
rk_hash_sha512_256(const unsigned char * in,unsigned int in_len,unsigned char * out,unsigned int * out_len)415*4882a593Smuzhiyun int rk_hash_sha512_256(const unsigned char *in, unsigned int in_len,
416*4882a593Smuzhiyun unsigned char *out, unsigned int *out_len)
417*4882a593Smuzhiyun {
418*4882a593Smuzhiyun RK_SHA512_CTX ctx;
419*4882a593Smuzhiyun
420*4882a593Smuzhiyun if (in == NULL && in_len != 0)
421*4882a593Smuzhiyun return -1;
422*4882a593Smuzhiyun
423*4882a593Smuzhiyun if(out == NULL || out_len == NULL)
424*4882a593Smuzhiyun return -1;
425*4882a593Smuzhiyun
426*4882a593Smuzhiyun mbedtls_sha512_init( &ctx );
427*4882a593Smuzhiyun mbedtls_sha512_starts( &ctx, SHA_512_256);
428*4882a593Smuzhiyun mbedtls_sha512_update( &ctx, in, in_len );
429*4882a593Smuzhiyun mbedtls_sha512_finish( &ctx, out );
430*4882a593Smuzhiyun mbedtls_sha512_free( &ctx );
431*4882a593Smuzhiyun *out_len = 32;
432*4882a593Smuzhiyun return 0;
433*4882a593Smuzhiyun }
434*4882a593Smuzhiyun
435