release/src/router/libsodium/src/libsodium/crypto_hashblocks/sha512/ref/blocks_sha512.c

   1 #include "api.h"
   2
   3 typedef unsigned long long uint64;
   4
   5 static uint64 load_bigendian(const unsigned char *x)
   6 {
   7   return
   8       (uint64) (x[7]) \
   9   | (((uint64) (x[6])) << 8) \
  10   | (((uint64) (x[5])) << 16) \
  11   | (((uint64) (x[4])) << 24) \
  12   | (((uint64) (x[3])) << 32) \
  13   | (((uint64) (x[2])) << 40) \
  14   | (((uint64) (x[1])) << 48) \
  15   | (((uint64) (x[0])) << 56)
  16   ;
  17 }
  18
  19 static void store_bigendian(unsigned char *x,uint64 u)
  20 {
  21   x[7] = u; u >>= 8;
  22   x[6] = u; u >>= 8;
  23   x[5] = u; u >>= 8;
  24   x[4] = u; u >>= 8;
  25   x[3] = u; u >>= 8;
  26   x[2] = u; u >>= 8;
  27   x[1] = u; u >>= 8;
  28   x[0] = u;
  29 }
  30
  31 #define SHR(x,c) ((x) >> (c))
  32 #define ROTR(x,c) (((x) >> (c)) | ((x) << (64 - (c))))
  33
  34 #define Ch(x,y,z) ((x & y) ^ (~x & z))
  35 #define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
  36 #define Sigma0(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
  37 #define Sigma1(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
  38 #define sigma0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x,7))
  39 #define sigma1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x,6))
  40
  41 #define M(w0,w14,w9,w1) w0 = sigma1(w14) + w9 + sigma0(w1) + w0;
  42
  43 #define EXPAND \
  44   M(w0 ,w14,w9 ,w1 ) \
  45   M(w1 ,w15,w10,w2 ) \
  46   M(w2 ,w0 ,w11,w3 ) \
  47   M(w3 ,w1 ,w12,w4 ) \
  48   M(w4 ,w2 ,w13,w5 ) \
  49   M(w5 ,w3 ,w14,w6 ) \
  50   M(w6 ,w4 ,w15,w7 ) \
  51   M(w7 ,w5 ,w0 ,w8 ) \
  52   M(w8 ,w6 ,w1 ,w9 ) \
  53   M(w9 ,w7 ,w2 ,w10) \
  54   M(w10,w8 ,w3 ,w11) \
  55   M(w11,w9 ,w4 ,w12) \
  56   M(w12,w10,w5 ,w13) \
  57   M(w13,w11,w6 ,w14) \
  58   M(w14,w12,w7 ,w15) \
  59   M(w15,w13,w8 ,w0 )
  60
  61 #define F(w,k) \
  62   T1 = h + Sigma1(e) + Ch(e,f,g) + k + w; \
  63   T2 = Sigma0(a) + Maj(a,b,c); \
  64   h = g; \
  65   g = f; \
  66   f = e; \
  67   e = d + T1; \
  68   d = c; \
  69   c = b; \
  70   b = a; \
  71   a = T1 + T2;
  72
  73 int crypto_hashblocks(unsigned char *statebytes,const unsigned char *in,unsigned long long inlen)
  74 {
  75   uint64 state[8];
  76   uint64 a;
  77   uint64 b;
  78   uint64 c;
  79   uint64 d;
  80   uint64 e;
  81   uint64 f;
  82   uint64 g;
  83   uint64 h;
  84   uint64 T1;
  85   uint64 T2;
  86
  87   a = load_bigendian(statebytes +  0); state[0] = a;
  88   b = load_bigendian(statebytes +  8); state[1] = b;
  89   c = load_bigendian(statebytes + 16); state[2] = c;
  90   d = load_bigendian(statebytes + 24); state[3] = d;
  91   e = load_bigendian(statebytes + 32); state[4] = e;
  92   f = load_bigendian(statebytes + 40); state[5] = f;
  93   g = load_bigendian(statebytes + 48); state[6] = g;
  94   h = load_bigendian(statebytes + 56); state[7] = h;
  95
  96   while (inlen >= 128) {
  97     uint64 w0  = load_bigendian(in +   0);
  98     uint64 w1  = load_bigendian(in +   8);
  99     uint64 w2  = load_bigendian(in +  16);
 100     uint64 w3  = load_bigendian(in +  24);
 101     uint64 w4  = load_bigendian(in +  32);
 102     uint64 w5  = load_bigendian(in +  40);
 103     uint64 w6  = load_bigendian(in +  48);
 104     uint64 w7  = load_bigendian(in +  56);
 105     uint64 w8  = load_bigendian(in +  64);
 106     uint64 w9  = load_bigendian(in +  72);
 107     uint64 w10 = load_bigendian(in +  80);
 108     uint64 w11 = load_bigendian(in +  88);
 109     uint64 w12 = load_bigendian(in +  96);
 110     uint64 w13 = load_bigendian(in + 104);
 111     uint64 w14 = load_bigendian(in + 112);
 112     uint64 w15 = load_bigendian(in + 120);
 113
 114     F(w0 ,0x428a2f98d728ae22ULL)
 115     F(w1 ,0x7137449123ef65cdULL)
 116     F(w2 ,0xb5c0fbcfec4d3b2fULL)
 117     F(w3 ,0xe9b5dba58189dbbcULL)
 118     F(w4 ,0x3956c25bf348b538ULL)
 119     F(w5 ,0x59f111f1b605d019ULL)
 120     F(w6 ,0x923f82a4af194f9bULL)
 121     F(w7 ,0xab1c5ed5da6d8118ULL)
 122     F(w8 ,0xd807aa98a3030242ULL)
 123     F(w9 ,0x12835b0145706fbeULL)
 124     F(w10,0x243185be4ee4b28cULL)
 125     F(w11,0x550c7dc3d5ffb4e2ULL)
 126     F(w12,0x72be5d74f27b896fULL)
 127     F(w13,0x80deb1fe3b1696b1ULL)
 128     F(w14,0x9bdc06a725c71235ULL)
 129     F(w15,0xc19bf174cf692694ULL)
 130
 131     EXPAND
 132
 133     F(w0 ,0xe49b69c19ef14ad2ULL)
 134     F(w1 ,0xefbe4786384f25e3ULL)
 135     F(w2 ,0x0fc19dc68b8cd5b5ULL)
 136     F(w3 ,0x240ca1cc77ac9c65ULL)
 137     F(w4 ,0x2de92c6f592b0275ULL)
 138     F(w5 ,0x4a7484aa6ea6e483ULL)
 139     F(w6 ,0x5cb0a9dcbd41fbd4ULL)
 140     F(w7 ,0x76f988da831153b5ULL)
 141     F(w8 ,0x983e5152ee66dfabULL)
 142     F(w9 ,0xa831c66d2db43210ULL)
 143     F(w10,0xb00327c898fb213fULL)
 144     F(w11,0xbf597fc7beef0ee4ULL)
 145     F(w12,0xc6e00bf33da88fc2ULL)
 146     F(w13,0xd5a79147930aa725ULL)
 147     F(w14,0x06ca6351e003826fULL)
 148     F(w15,0x142929670a0e6e70ULL)
 149
 150     EXPAND
 151
 152     F(w0 ,0x27b70a8546d22ffcULL)
 153     F(w1 ,0x2e1b21385c26c926ULL)
 154     F(w2 ,0x4d2c6dfc5ac42aedULL)
 155     F(w3 ,0x53380d139d95b3dfULL)
 156     F(w4 ,0x650a73548baf63deULL)
 157     F(w5 ,0x766a0abb3c77b2a8ULL)
 158     F(w6 ,0x81c2c92e47edaee6ULL)
 159     F(w7 ,0x92722c851482353bULL)
 160     F(w8 ,0xa2bfe8a14cf10364ULL)
 161     F(w9 ,0xa81a664bbc423001ULL)
 162     F(w10,0xc24b8b70d0f89791ULL)
 163     F(w11,0xc76c51a30654be30ULL)
 164     F(w12,0xd192e819d6ef5218ULL)
 165     F(w13,0xd69906245565a910ULL)
 166     F(w14,0xf40e35855771202aULL)
 167     F(w15,0x106aa07032bbd1b8ULL)
 168
 169     EXPAND
 170
 171     F(w0 ,0x19a4c116b8d2d0c8ULL)
 172     F(w1 ,0x1e376c085141ab53ULL)
 173     F(w2 ,0x2748774cdf8eeb99ULL)
 174     F(w3 ,0x34b0bcb5e19b48a8ULL)
 175     F(w4 ,0x391c0cb3c5c95a63ULL)
 176     F(w5 ,0x4ed8aa4ae3418acbULL)
 177     F(w6 ,0x5b9cca4f7763e373ULL)
 178     F(w7 ,0x682e6ff3d6b2b8a3ULL)
 179     F(w8 ,0x748f82ee5defb2fcULL)
 180     F(w9 ,0x78a5636f43172f60ULL)
 181     F(w10,0x84c87814a1f0ab72ULL)
 182     F(w11,0x8cc702081a6439ecULL)
 183     F(w12,0x90befffa23631e28ULL)
 184     F(w13,0xa4506cebde82bde9ULL)
 185     F(w14,0xbef9a3f7b2c67915ULL)
 186     F(w15,0xc67178f2e372532bULL)
 187
 188     EXPAND
 189
 190     F(w0 ,0xca273eceea26619cULL)
 191     F(w1 ,0xd186b8c721c0c207ULL)
 192     F(w2 ,0xeada7dd6cde0eb1eULL)
 193     F(w3 ,0xf57d4f7fee6ed178ULL)
 194     F(w4 ,0x06f067aa72176fbaULL)
 195     F(w5 ,0x0a637dc5a2c898a6ULL)
 196     F(w6 ,0x113f9804bef90daeULL)
 197     F(w7 ,0x1b710b35131c471bULL)
 198     F(w8 ,0x28db77f523047d84ULL)
 199     F(w9 ,0x32caab7b40c72493ULL)
 200     F(w10,0x3c9ebe0a15c9bebcULL)
 201     F(w11,0x431d67c49c100d4cULL)
 202     F(w12,0x4cc5d4becb3e42b6ULL)
 203     F(w13,0x597f299cfc657e2aULL)
 204     F(w14,0x5fcb6fab3ad6faecULL)
 205     F(w15,0x6c44198c4a475817ULL)
 206
 207     a += state[0];
 208     b += state[1];
 209     c += state[2];
 210     d += state[3];
 211     e += state[4];
 212     f += state[5];
 213     g += state[6];
 214     h += state[7];
 215
 216     state[0] = a;
 217     state[1] = b;
 218     state[2] = c;
 219     state[3] = d;
 220     state[4] = e;
 221     state[5] = f;
 222     state[6] = g;
 223     state[7] = h;
 224
 225     in += 128;
 226     inlen -= 128;
 227   }
 228
 229   store_bigendian(statebytes +  0,state[0]);
 230   store_bigendian(statebytes +  8,state[1]);
 231   store_bigendian(statebytes + 16,state[2]);
 232   store_bigendian(statebytes + 24,state[3]);
 233   store_bigendian(statebytes + 32,state[4]);
 234   store_bigendian(statebytes + 40,state[5]);
 235   store_bigendian(statebytes + 48,state[6]);
 236   store_bigendian(statebytes + 56,state[7]);
 237
 238   return 0;
 239 }