1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
7 #include "../../../include/fdrm/fx_crypt.h"
13 unsigned char block[64];
15 unsigned int lenhi, lenlo;
17 #define rol(x, y) (((x) << (y)) | (((unsigned int)x) >> (32 - y)))
18 static void SHA_Core_Init(unsigned int h[5]) {
25 static void SHATransform(unsigned int* digest, unsigned int* block) {
27 unsigned int a, b, c, d, e;
29 for (t = 0; t < 16; t++) {
32 for (t = 16; t < 80; t++) {
33 unsigned int tmp = w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16];
41 for (t = 0; t < 20; t++) {
42 unsigned int tmp = rol(a, 5) + ((b & c) | (d & ~b)) + e + w[t] + 0x5a827999;
49 for (t = 20; t < 40; t++) {
50 unsigned int tmp = rol(a, 5) + (b ^ c ^ d) + e + w[t] + 0x6ed9eba1;
57 for (t = 40; t < 60; t++) {
59 rol(a, 5) + ((b & c) | (b & d) | (c & d)) + e + w[t] + 0x8f1bbcdc;
66 for (t = 60; t < 80; t++) {
67 unsigned int tmp = rol(a, 5) + (b ^ c ^ d) + e + w[t] + 0xca62c1d6;
80 void CRYPT_SHA1Start(void* context) {
81 SHA_State* s = (SHA_State*)context;
84 s->lenhi = s->lenlo = 0;
86 void CRYPT_SHA1Update(void* context, const uint8_t* data, FX_DWORD size) {
87 SHA_State* s = (SHA_State*)context;
88 unsigned char* q = (unsigned char*)data;
89 unsigned int wordblock[16];
91 unsigned int lenw = len;
94 s->lenhi += (s->lenlo < lenw);
95 if (s->blkused && s->blkused + len < 64) {
96 FXSYS_memcpy(s->block + s->blkused, q, len);
99 while (s->blkused + len >= 64) {
100 FXSYS_memcpy(s->block + s->blkused, q, 64 - s->blkused);
101 q += 64 - s->blkused;
102 len -= 64 - s->blkused;
103 for (i = 0; i < 16; i++) {
104 wordblock[i] = (((unsigned int)s->block[i * 4 + 0]) << 24) |
105 (((unsigned int)s->block[i * 4 + 1]) << 16) |
106 (((unsigned int)s->block[i * 4 + 2]) << 8) |
107 (((unsigned int)s->block[i * 4 + 3]) << 0);
109 SHATransform(s->h, wordblock);
112 FXSYS_memcpy(s->block, q, len);
116 void CRYPT_SHA1Finish(void* context, uint8_t digest[20]) {
117 SHA_State* s = (SHA_State*)context;
121 unsigned int lenhi, lenlo;
122 if (s->blkused >= 56) {
123 pad = 56 + 64 - s->blkused;
125 pad = 56 - s->blkused;
127 lenhi = (s->lenhi << 3) | (s->lenlo >> (32 - 3));
128 lenlo = (s->lenlo << 3);
129 FXSYS_memset(c, 0, pad);
131 CRYPT_SHA1Update(s, c, pad);
132 c[0] = (lenhi >> 24) & 0xFF;
133 c[1] = (lenhi >> 16) & 0xFF;
134 c[2] = (lenhi >> 8) & 0xFF;
135 c[3] = (lenhi >> 0) & 0xFF;
136 c[4] = (lenlo >> 24) & 0xFF;
137 c[5] = (lenlo >> 16) & 0xFF;
138 c[6] = (lenlo >> 8) & 0xFF;
139 c[7] = (lenlo >> 0) & 0xFF;
140 CRYPT_SHA1Update(s, c, 8);
141 for (i = 0; i < 5; i++) {
142 digest[i * 4] = (s->h[i] >> 24) & 0xFF;
143 digest[i * 4 + 1] = (s->h[i] >> 16) & 0xFF;
144 digest[i * 4 + 2] = (s->h[i] >> 8) & 0xFF;
145 digest[i * 4 + 3] = (s->h[i]) & 0xFF;
148 void CRYPT_SHA1Generate(const uint8_t* data,
150 uint8_t digest[20]) {
153 CRYPT_SHA1Update(&s, data, size);
154 CRYPT_SHA1Finish(&s, digest);
161 #define GET_FX_DWORD(n, b, i) \
163 (n) = ((FX_DWORD)(b)[(i)] << 24) | ((FX_DWORD)(b)[(i) + 1] << 16) | \
164 ((FX_DWORD)(b)[(i) + 2] << 8) | ((FX_DWORD)(b)[(i) + 3]); \
166 #define PUT_FX_DWORD(n, b, i) \
168 (b)[(i)] = (uint8_t)((n) >> 24); \
169 (b)[(i) + 1] = (uint8_t)((n) >> 16); \
170 (b)[(i) + 2] = (uint8_t)((n) >> 8); \
171 (b)[(i) + 3] = (uint8_t)((n)); \
173 void CRYPT_SHA256Start(void* context) {
174 sha256_context* ctx = (sha256_context*)context;
177 ctx->state[0] = 0x6A09E667;
178 ctx->state[1] = 0xBB67AE85;
179 ctx->state[2] = 0x3C6EF372;
180 ctx->state[3] = 0xA54FF53A;
181 ctx->state[4] = 0x510E527F;
182 ctx->state[5] = 0x9B05688C;
183 ctx->state[6] = 0x1F83D9AB;
184 ctx->state[7] = 0x5BE0CD19;
186 static void sha256_process(sha256_context* ctx, const uint8_t data[64]) {
187 FX_DWORD temp1, temp2, W[64];
188 FX_DWORD A, B, C, D, E, F, G, H;
189 GET_FX_DWORD(W[0], data, 0);
190 GET_FX_DWORD(W[1], data, 4);
191 GET_FX_DWORD(W[2], data, 8);
192 GET_FX_DWORD(W[3], data, 12);
193 GET_FX_DWORD(W[4], data, 16);
194 GET_FX_DWORD(W[5], data, 20);
195 GET_FX_DWORD(W[6], data, 24);
196 GET_FX_DWORD(W[7], data, 28);
197 GET_FX_DWORD(W[8], data, 32);
198 GET_FX_DWORD(W[9], data, 36);
199 GET_FX_DWORD(W[10], data, 40);
200 GET_FX_DWORD(W[11], data, 44);
201 GET_FX_DWORD(W[12], data, 48);
202 GET_FX_DWORD(W[13], data, 52);
203 GET_FX_DWORD(W[14], data, 56);
204 GET_FX_DWORD(W[15], data, 60);
205 #define SHR(x, n) ((x & 0xFFFFFFFF) >> n)
206 #define ROTR(x, n) (SHR(x, n) | (x << (32 - n)))
207 #define S0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3))
208 #define S1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10))
209 #define S2(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
210 #define S3(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
211 #define F0(x, y, z) ((x & y) | (z & (x | y)))
212 #define F1(x, y, z) (z ^ (x & (y ^ z)))
213 #define R(t) (W[t] = S1(W[t - 2]) + W[t - 7] + S0(W[t - 15]) + W[t - 16])
214 #define P(a, b, c, d, e, f, g, h, x, K) \
216 temp1 = h + S3(e) + F1(e, f, g) + K + x; \
217 temp2 = S2(a) + F0(a, b, c); \
229 P(A, B, C, D, E, F, G, H, W[0], 0x428A2F98);
230 P(H, A, B, C, D, E, F, G, W[1], 0x71374491);
231 P(G, H, A, B, C, D, E, F, W[2], 0xB5C0FBCF);
232 P(F, G, H, A, B, C, D, E, W[3], 0xE9B5DBA5);
233 P(E, F, G, H, A, B, C, D, W[4], 0x3956C25B);
234 P(D, E, F, G, H, A, B, C, W[5], 0x59F111F1);
235 P(C, D, E, F, G, H, A, B, W[6], 0x923F82A4);
236 P(B, C, D, E, F, G, H, A, W[7], 0xAB1C5ED5);
237 P(A, B, C, D, E, F, G, H, W[8], 0xD807AA98);
238 P(H, A, B, C, D, E, F, G, W[9], 0x12835B01);
239 P(G, H, A, B, C, D, E, F, W[10], 0x243185BE);
240 P(F, G, H, A, B, C, D, E, W[11], 0x550C7DC3);
241 P(E, F, G, H, A, B, C, D, W[12], 0x72BE5D74);
242 P(D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE);
243 P(C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7);
244 P(B, C, D, E, F, G, H, A, W[15], 0xC19BF174);
245 P(A, B, C, D, E, F, G, H, R(16), 0xE49B69C1);
246 P(H, A, B, C, D, E, F, G, R(17), 0xEFBE4786);
247 P(G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6);
248 P(F, G, H, A, B, C, D, E, R(19), 0x240CA1CC);
249 P(E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F);
250 P(D, E, F, G, H, A, B, C, R(21), 0x4A7484AA);
251 P(C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC);
252 P(B, C, D, E, F, G, H, A, R(23), 0x76F988DA);
253 P(A, B, C, D, E, F, G, H, R(24), 0x983E5152);
254 P(H, A, B, C, D, E, F, G, R(25), 0xA831C66D);
255 P(G, H, A, B, C, D, E, F, R(26), 0xB00327C8);
256 P(F, G, H, A, B, C, D, E, R(27), 0xBF597FC7);
257 P(E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3);
258 P(D, E, F, G, H, A, B, C, R(29), 0xD5A79147);
259 P(C, D, E, F, G, H, A, B, R(30), 0x06CA6351);
260 P(B, C, D, E, F, G, H, A, R(31), 0x14292967);
261 P(A, B, C, D, E, F, G, H, R(32), 0x27B70A85);
262 P(H, A, B, C, D, E, F, G, R(33), 0x2E1B2138);
263 P(G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC);
264 P(F, G, H, A, B, C, D, E, R(35), 0x53380D13);
265 P(E, F, G, H, A, B, C, D, R(36), 0x650A7354);
266 P(D, E, F, G, H, A, B, C, R(37), 0x766A0ABB);
267 P(C, D, E, F, G, H, A, B, R(38), 0x81C2C92E);
268 P(B, C, D, E, F, G, H, A, R(39), 0x92722C85);
269 P(A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1);
270 P(H, A, B, C, D, E, F, G, R(41), 0xA81A664B);
271 P(G, H, A, B, C, D, E, F, R(42), 0xC24B8B70);
272 P(F, G, H, A, B, C, D, E, R(43), 0xC76C51A3);
273 P(E, F, G, H, A, B, C, D, R(44), 0xD192E819);
274 P(D, E, F, G, H, A, B, C, R(45), 0xD6990624);
275 P(C, D, E, F, G, H, A, B, R(46), 0xF40E3585);
276 P(B, C, D, E, F, G, H, A, R(47), 0x106AA070);
277 P(A, B, C, D, E, F, G, H, R(48), 0x19A4C116);
278 P(H, A, B, C, D, E, F, G, R(49), 0x1E376C08);
279 P(G, H, A, B, C, D, E, F, R(50), 0x2748774C);
280 P(F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5);
281 P(E, F, G, H, A, B, C, D, R(52), 0x391C0CB3);
282 P(D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A);
283 P(C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F);
284 P(B, C, D, E, F, G, H, A, R(55), 0x682E6FF3);
285 P(A, B, C, D, E, F, G, H, R(56), 0x748F82EE);
286 P(H, A, B, C, D, E, F, G, R(57), 0x78A5636F);
287 P(G, H, A, B, C, D, E, F, R(58), 0x84C87814);
288 P(F, G, H, A, B, C, D, E, R(59), 0x8CC70208);
289 P(E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA);
290 P(D, E, F, G, H, A, B, C, R(61), 0xA4506CEB);
291 P(C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7);
292 P(B, C, D, E, F, G, H, A, R(63), 0xC67178F2);
302 void CRYPT_SHA256Update(void* context, const uint8_t* input, FX_DWORD length) {
303 sha256_context* ctx = (sha256_context*)context;
308 left = ctx->total[0] & 0x3F;
310 ctx->total[0] += length;
311 ctx->total[0] &= 0xFFFFFFFF;
312 if (ctx->total[0] < length) {
315 if (left && length >= fill) {
316 FXSYS_memcpy((void*)(ctx->buffer + left), (void*)input, fill);
317 sha256_process(ctx, ctx->buffer);
322 while (length >= 64) {
323 sha256_process(ctx, input);
328 FXSYS_memcpy((void*)(ctx->buffer + left), (void*)input, length);
331 static const uint8_t sha256_padding[64] = {
332 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
333 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
334 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
335 void CRYPT_SHA256Finish(void* context, uint8_t digest[32]) {
336 sha256_context* ctx = (sha256_context*)context;
340 high = (ctx->total[0] >> 29) | (ctx->total[1] << 3);
341 low = (ctx->total[0] << 3);
342 PUT_FX_DWORD(high, msglen, 0);
343 PUT_FX_DWORD(low, msglen, 4);
344 last = ctx->total[0] & 0x3F;
345 padn = (last < 56) ? (56 - last) : (120 - last);
346 CRYPT_SHA256Update(ctx, sha256_padding, padn);
347 CRYPT_SHA256Update(ctx, msglen, 8);
348 PUT_FX_DWORD(ctx->state[0], digest, 0);
349 PUT_FX_DWORD(ctx->state[1], digest, 4);
350 PUT_FX_DWORD(ctx->state[2], digest, 8);
351 PUT_FX_DWORD(ctx->state[3], digest, 12);
352 PUT_FX_DWORD(ctx->state[4], digest, 16);
353 PUT_FX_DWORD(ctx->state[5], digest, 20);
354 PUT_FX_DWORD(ctx->state[6], digest, 24);
355 PUT_FX_DWORD(ctx->state[7], digest, 28);
357 void CRYPT_SHA256Generate(const uint8_t* data,
359 uint8_t digest[32]) {
361 CRYPT_SHA256Start(&ctx);
362 CRYPT_SHA256Update(&ctx, data, size);
363 CRYPT_SHA256Finish(&ctx, digest);
370 uint64_t FX_ato64i(const FX_CHAR* str) {
371 FXSYS_assert(str != NULL);
373 int len = (int)FXSYS_strlen(str);
374 len = len > 16 ? 16 : len;
375 for (int i = 0; i < len; ++i) {
379 if (str[i] >= '0' && str[i] <= '9') {
380 ret |= (str[i] - '0') & 0xFF;
381 } else if (str[i] >= 'a' && str[i] <= 'f') {
382 ret |= (str[i] - 'a' + 10) & 0xFF;
383 } else if (str[i] >= 'A' && str[i] <= 'F') {
384 ret |= (str[i] - 'A' + 10) & 0xFF;
391 void CRYPT_SHA384Start(void* context) {
392 if (context == NULL) {
395 sha384_context* ctx = (sha384_context*)context;
396 FXSYS_memset(ctx, 0, sizeof(sha384_context));
397 ctx->state[0] = FX_ato64i("cbbb9d5dc1059ed8");
398 ctx->state[1] = FX_ato64i("629a292a367cd507");
399 ctx->state[2] = FX_ato64i("9159015a3070dd17");
400 ctx->state[3] = FX_ato64i("152fecd8f70e5939");
401 ctx->state[4] = FX_ato64i("67332667ffc00b31");
402 ctx->state[5] = FX_ato64i("8eb44a8768581511");
403 ctx->state[6] = FX_ato64i("db0c2e0d64f98fa7");
404 ctx->state[7] = FX_ato64i("47b5481dbefa4fa4");
406 #define SHA384_F0(x, y, z) ((x & y) | (z & (x | y)))
407 #define SHA384_F1(x, y, z) (z ^ (x & (y ^ z)))
408 #define SHA384_SHR(x, n) (x >> n)
409 #define SHA384_ROTR(x, n) (SHA384_SHR(x, n) | x << (64 - n))
410 #define SHA384_S0(x) (SHA384_ROTR(x, 1) ^ SHA384_ROTR(x, 8) ^ SHA384_SHR(x, 7))
411 #define SHA384_S1(x) \
412 (SHA384_ROTR(x, 19) ^ SHA384_ROTR(x, 61) ^ SHA384_SHR(x, 6))
413 #define SHA384_S2(x) \
414 (SHA384_ROTR(x, 28) ^ SHA384_ROTR(x, 34) ^ SHA384_ROTR(x, 39))
415 #define SHA384_S3(x) \
416 (SHA384_ROTR(x, 14) ^ SHA384_ROTR(x, 18) ^ SHA384_ROTR(x, 41))
417 #define SHA384_P(a, b, c, d, e, f, g, h, x, K) \
419 temp1 = h + SHA384_S3(e) + SHA384_F1(e, f, g) + K + x; \
420 temp2 = SHA384_S2(a) + SHA384_F0(a, b, c); \
424 static const uint8_t sha384_padding[128] = {
425 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
426 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
427 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
428 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
429 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
430 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
432 #define SHA384_R(t) \
433 (W[t] = SHA384_S1(W[t - 2]) + W[t - 7] + SHA384_S0(W[t - 15]) + W[t - 16])
434 static const FX_CHAR* constants[] = {
435 "428a2f98d728ae22", "7137449123ef65cd", "b5c0fbcfec4d3b2f",
436 "e9b5dba58189dbbc", "3956c25bf348b538", "59f111f1b605d019",
437 "923f82a4af194f9b", "ab1c5ed5da6d8118", "d807aa98a3030242",
438 "12835b0145706fbe", "243185be4ee4b28c", "550c7dc3d5ffb4e2",
439 "72be5d74f27b896f", "80deb1fe3b1696b1", "9bdc06a725c71235",
440 "c19bf174cf692694", "e49b69c19ef14ad2", "efbe4786384f25e3",
441 "0fc19dc68b8cd5b5", "240ca1cc77ac9c65", "2de92c6f592b0275",
442 "4a7484aa6ea6e483", "5cb0a9dcbd41fbd4", "76f988da831153b5",
443 "983e5152ee66dfab", "a831c66d2db43210", "b00327c898fb213f",
444 "bf597fc7beef0ee4", "c6e00bf33da88fc2", "d5a79147930aa725",
445 "06ca6351e003826f", "142929670a0e6e70", "27b70a8546d22ffc",
446 "2e1b21385c26c926", "4d2c6dfc5ac42aed", "53380d139d95b3df",
447 "650a73548baf63de", "766a0abb3c77b2a8", "81c2c92e47edaee6",
448 "92722c851482353b", "a2bfe8a14cf10364", "a81a664bbc423001",
449 "c24b8b70d0f89791", "c76c51a30654be30", "d192e819d6ef5218",
450 "d69906245565a910", "f40e35855771202a", "106aa07032bbd1b8",
451 "19a4c116b8d2d0c8", "1e376c085141ab53", "2748774cdf8eeb99",
452 "34b0bcb5e19b48a8", "391c0cb3c5c95a63", "4ed8aa4ae3418acb",
453 "5b9cca4f7763e373", "682e6ff3d6b2b8a3", "748f82ee5defb2fc",
454 "78a5636f43172f60", "84c87814a1f0ab72", "8cc702081a6439ec",
455 "90befffa23631e28", "a4506cebde82bde9", "bef9a3f7b2c67915",
456 "c67178f2e372532b", "ca273eceea26619c", "d186b8c721c0c207",
457 "eada7dd6cde0eb1e", "f57d4f7fee6ed178", "06f067aa72176fba",
458 "0a637dc5a2c898a6", "113f9804bef90dae", "1b710b35131c471b",
459 "28db77f523047d84", "32caab7b40c72493", "3c9ebe0a15c9bebc",
460 "431d67c49c100d4c", "4cc5d4becb3e42b6", "597f299cfc657e2a",
461 "5fcb6fab3ad6faec", "6c44198c4a475817",
463 #define GET_FX_64WORD(n, b, i) \
465 (n) = ((uint64_t)(b)[(i)] << 56) | ((uint64_t)(b)[(i) + 1] << 48) | \
466 ((uint64_t)(b)[(i) + 2] << 40) | ((uint64_t)(b)[(i) + 3] << 32) | \
467 ((uint64_t)(b)[(i) + 4] << 24) | ((uint64_t)(b)[(i) + 5] << 16) | \
468 ((uint64_t)(b)[(i) + 6] << 8) | ((uint64_t)(b)[(i) + 7]); \
470 #define PUT_FX_64DWORD(n, b, i) \
472 (b)[(i)] = (uint8_t)((n) >> 56); \
473 (b)[(i) + 1] = (uint8_t)((n) >> 48); \
474 (b)[(i) + 2] = (uint8_t)((n) >> 40); \
475 (b)[(i) + 3] = (uint8_t)((n) >> 32); \
476 (b)[(i) + 4] = (uint8_t)((n) >> 24); \
477 (b)[(i) + 5] = (uint8_t)((n) >> 16); \
478 (b)[(i) + 6] = (uint8_t)((n) >> 8); \
479 (b)[(i) + 7] = (uint8_t)((n)); \
481 static void sha384_process(sha384_context* ctx, const uint8_t data[128]) {
482 uint64_t temp1, temp2;
483 uint64_t A, B, C, D, E, F, G, H;
485 GET_FX_64WORD(W[0], data, 0);
486 GET_FX_64WORD(W[1], data, 8);
487 GET_FX_64WORD(W[2], data, 16);
488 GET_FX_64WORD(W[3], data, 24);
489 GET_FX_64WORD(W[4], data, 32);
490 GET_FX_64WORD(W[5], data, 40);
491 GET_FX_64WORD(W[6], data, 48);
492 GET_FX_64WORD(W[7], data, 56);
493 GET_FX_64WORD(W[8], data, 64);
494 GET_FX_64WORD(W[9], data, 72);
495 GET_FX_64WORD(W[10], data, 80);
496 GET_FX_64WORD(W[11], data, 88);
497 GET_FX_64WORD(W[12], data, 96);
498 GET_FX_64WORD(W[13], data, 104);
499 GET_FX_64WORD(W[14], data, 112);
500 GET_FX_64WORD(W[15], data, 120);
509 for (int i = 0; i < 10; ++i) {
513 temp[1] = W[i * 8 + 1];
514 temp[2] = W[i * 8 + 2];
515 temp[3] = W[i * 8 + 3];
516 temp[4] = W[i * 8 + 4];
517 temp[5] = W[i * 8 + 5];
518 temp[6] = W[i * 8 + 6];
519 temp[7] = W[i * 8 + 7];
521 temp[0] = SHA384_R(i * 8);
522 temp[1] = SHA384_R(i * 8 + 1);
523 temp[2] = SHA384_R(i * 8 + 2);
524 temp[3] = SHA384_R(i * 8 + 3);
525 temp[4] = SHA384_R(i * 8 + 4);
526 temp[5] = SHA384_R(i * 8 + 5);
527 temp[6] = SHA384_R(i * 8 + 6);
528 temp[7] = SHA384_R(i * 8 + 7);
530 SHA384_P(A, B, C, D, E, F, G, H, temp[0], FX_ato64i(constants[i * 8]));
531 SHA384_P(H, A, B, C, D, E, F, G, temp[1], FX_ato64i(constants[i * 8 + 1]));
532 SHA384_P(G, H, A, B, C, D, E, F, temp[2], FX_ato64i(constants[i * 8 + 2]));
533 SHA384_P(F, G, H, A, B, C, D, E, temp[3], FX_ato64i(constants[i * 8 + 3]));
534 SHA384_P(E, F, G, H, A, B, C, D, temp[4], FX_ato64i(constants[i * 8 + 4]));
535 SHA384_P(D, E, F, G, H, A, B, C, temp[5], FX_ato64i(constants[i * 8 + 5]));
536 SHA384_P(C, D, E, F, G, H, A, B, temp[6], FX_ato64i(constants[i * 8 + 6]));
537 SHA384_P(B, C, D, E, F, G, H, A, temp[7], FX_ato64i(constants[i * 8 + 7]));
548 void CRYPT_SHA384Update(void* context, const uint8_t* input, FX_DWORD length) {
549 sha384_context* ctx = (sha384_context*)context;
554 left = (FX_DWORD)ctx->total[0] & 0x7F;
556 ctx->total[0] += length;
557 if (ctx->total[0] < length) {
560 if (left && length >= fill) {
561 FXSYS_memcpy((void*)(ctx->buffer + left), (void*)input, fill);
562 sha384_process(ctx, ctx->buffer);
567 while (length >= 128) {
568 sha384_process(ctx, input);
573 FXSYS_memcpy((void*)(ctx->buffer + left), (void*)input, length);
576 void CRYPT_SHA384Finish(void* context, uint8_t digest[48]) {
577 sha384_context* ctx = (sha384_context*)context;
580 FXSYS_memset(msglen, 0, 16);
582 high = (ctx->total[0] >> 29) | (ctx->total[1] << 3);
583 low = (ctx->total[0] << 3);
584 PUT_FX_64DWORD(high, msglen, 0);
585 PUT_FX_64DWORD(low, msglen, 8);
586 last = (FX_DWORD)ctx->total[0] & 0x7F;
587 padn = (last < 112) ? (112 - last) : (240 - last);
588 CRYPT_SHA384Update(ctx, sha384_padding, padn);
589 CRYPT_SHA384Update(ctx, msglen, 16);
590 PUT_FX_64DWORD(ctx->state[0], digest, 0);
591 PUT_FX_64DWORD(ctx->state[1], digest, 8);
592 PUT_FX_64DWORD(ctx->state[2], digest, 16);
593 PUT_FX_64DWORD(ctx->state[3], digest, 24);
594 PUT_FX_64DWORD(ctx->state[4], digest, 32);
595 PUT_FX_64DWORD(ctx->state[5], digest, 40);
597 void CRYPT_SHA384Generate(const uint8_t* data,
599 uint8_t digest[64]) {
600 sha384_context context;
601 CRYPT_SHA384Start(&context);
602 CRYPT_SHA384Update(&context, data, size);
603 CRYPT_SHA384Finish(&context, digest);
605 void CRYPT_SHA512Start(void* context) {
606 if (context == NULL) {
609 sha384_context* ctx = (sha384_context*)context;
610 FXSYS_memset(ctx, 0, sizeof(sha384_context));
611 ctx->state[0] = FX_ato64i("6a09e667f3bcc908");
612 ctx->state[1] = FX_ato64i("bb67ae8584caa73b");
613 ctx->state[2] = FX_ato64i("3c6ef372fe94f82b");
614 ctx->state[3] = FX_ato64i("a54ff53a5f1d36f1");
615 ctx->state[4] = FX_ato64i("510e527fade682d1");
616 ctx->state[5] = FX_ato64i("9b05688c2b3e6c1f");
617 ctx->state[6] = FX_ato64i("1f83d9abfb41bd6b");
618 ctx->state[7] = FX_ato64i("5be0cd19137e2179");
620 void CRYPT_SHA512Update(void* context, const uint8_t* data, FX_DWORD size) {
621 CRYPT_SHA384Update(context, data, size);
623 void CRYPT_SHA512Finish(void* context, uint8_t digest[64]) {
624 sha384_context* ctx = (sha384_context*)context;
627 FXSYS_memset(msglen, 0, 16);
629 high = (ctx->total[0] >> 29) | (ctx->total[1] << 3);
630 low = (ctx->total[0] << 3);
631 PUT_FX_64DWORD(high, msglen, 0);
632 PUT_FX_64DWORD(low, msglen, 8);
633 last = (FX_DWORD)ctx->total[0] & 0x7F;
634 padn = (last < 112) ? (112 - last) : (240 - last);
635 CRYPT_SHA512Update(ctx, sha384_padding, padn);
636 CRYPT_SHA512Update(ctx, msglen, 16);
637 PUT_FX_64DWORD(ctx->state[0], digest, 0);
638 PUT_FX_64DWORD(ctx->state[1], digest, 8);
639 PUT_FX_64DWORD(ctx->state[2], digest, 16);
640 PUT_FX_64DWORD(ctx->state[3], digest, 24);
641 PUT_FX_64DWORD(ctx->state[4], digest, 32);
642 PUT_FX_64DWORD(ctx->state[5], digest, 40);
643 PUT_FX_64DWORD(ctx->state[6], digest, 48);
644 PUT_FX_64DWORD(ctx->state[7], digest, 56);
646 void CRYPT_SHA512Generate(const uint8_t* data,
648 uint8_t digest[64]) {
649 sha384_context context;
650 CRYPT_SHA512Start(&context);
651 CRYPT_SHA512Update(&context, data, size);
652 CRYPT_SHA512Finish(&context, digest);