ceph/src/crypto/isa-l/isa-l_crypto/sha256_mb/sha256_ref.c

   1 /**********************************************************************
   2   Copyright(c) 2011-2016 Intel Corporation All rights reserved.
   3
   4   Redistribution and use in source and binary forms, with or without
   5   modification, are permitted provided that the following conditions
   6   are met:
   7     * Redistributions of source code must retain the above copyright
   8       notice, this list of conditions and the following disclaimer.
   9     * Redistributions in binary form must reproduce the above copyright
  10       notice, this list of conditions and the following disclaimer in
  11       the documentation and/or other materials provided with the
  12       distribution.
  13     * Neither the name of Intel Corporation nor the names of its
  14       contributors may be used to endorse or promote products derived
  15       from this software without specific prior written permission.
  16
  17   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  18   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  19   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  20   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  21   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  22   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  23   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  24   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  25   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  26   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  27   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  28 **********************************************************************/
  29
  30 #include <string.h>
  31 #include "sha256_mb.h"
  32
  33 ////////////////////////////////////////////////////////////////////////
  34 ////////////////////////////////////////////////////////////////////////
  35 // Reference SHA256 Functions
  36 ////////////////////////////////////////////////////////////////////////
  37 ////////////////////////////////////////////////////////////////////////
  38
  39 #define H0 0x6a09e667
  40 #define H1 0xbb67ae85
  41 #define H2 0x3c6ef372
  42 #define H3 0xa54ff53a
  43 #define H4 0x510e527f
  44 #define H5 0x9b05688c
  45 #define H6 0x1f83d9ab
  46 #define H7 0x5be0cd19
  47
  48 #define ror32(x, r) (((x)>>(r)) ^ ((x)<<(32-(r))))
  49 #define bswap(x) (((x)<<24) | (((x)&0xff00)<<8) | (((x)&0xff0000)>>8) | ((x)>>24))
  50
  51 #define W(x) w[(x) & 15]
  52
  53 #define S0(w) (ror32(w,7) ^ ror32(w,18) ^ (w >> 3))
  54 #define S1(w) (ror32(w,17) ^ ror32(w,19) ^ (w >> 10))
  55
  56 #define s0(a) (ror32(a,2) ^ ror32(a,13) ^ ror32(a,22))
  57 #define s1(e) (ror32(e,6) ^ ror32(e,11) ^ ror32(e,25))
  58 #define maj(a,b,c) ((a & b) ^ (a & c) ^ (b & c))
  59 #define ch(e,f,g) ((e & f) ^ (g & ~e))
  60
  61 #define step(i,a,b,c,d,e,f,g,h,k) \
  62         if (i<16) W(i) = bswap(ww[i]); \
  63         else \
  64         W(i) = W(i-16) + S0(W(i-15)) + W(i-7) + S1(W(i-2)); \
  65         t2 = s0(a) + maj(a,b,c); \
  66         t1 = h + s1(e) + ch(e,f,g) + k + W(i); \
  67         d += t1; \
  68         h = t1 + t2;
  69
  70 void sha256_single(const uint8_t * data, uint32_t digest[]);
  71
  72 void sha256_ref(const uint8_t * input_data, uint32_t * digest, const uint32_t len)
  73 {
  74         uint32_t i, j;
  75         uint8_t buf[2 * SHA256_BLOCK_SIZE];
  76         union {
  77                 uint64_t uint;
  78                 uint8_t uchar[8];
  79         } convert;
  80         uint8_t *p;
  81
  82         digest[0] = H0;
  83         digest[1] = H1;
  84         digest[2] = H2;
  85         digest[3] = H3;
  86         digest[4] = H4;
  87         digest[5] = H5;
  88         digest[6] = H6;
  89         digest[7] = H7;
  90
  91         i = len;
  92         while (i >= SHA256_BLOCK_SIZE) {
  93                 sha256_single(input_data, digest);
  94                 input_data += SHA256_BLOCK_SIZE;
  95                 i -= SHA256_BLOCK_SIZE;
  96         }
  97
  98         memcpy(buf, input_data, i);
  99         buf[i++] = 0x80;
 100         for (j = i; j < ((2 * SHA256_BLOCK_SIZE) - SHA256_PADLENGTHFIELD_SIZE); j++)
 101                 buf[j] = 0;
 102
 103         if (i > SHA256_BLOCK_SIZE - SHA256_PADLENGTHFIELD_SIZE)
 104                 i = 2 * SHA256_BLOCK_SIZE;
 105         else
 106                 i = SHA256_BLOCK_SIZE;
 107
 108         convert.uint = 8 * len;
 109         p = buf + i - 8;
 110         p[0] = convert.uchar[7];
 111         p[1] = convert.uchar[6];
 112         p[2] = convert.uchar[5];
 113         p[3] = convert.uchar[4];
 114         p[4] = convert.uchar[3];
 115         p[5] = convert.uchar[2];
 116         p[6] = convert.uchar[1];
 117         p[7] = convert.uchar[0];
 118
 119         sha256_single(buf, digest);
 120         if (i == 2 * SHA256_BLOCK_SIZE)
 121                 sha256_single(buf + SHA256_BLOCK_SIZE, digest);
 122 }
 123
 124 void sha256_single(const uint8_t * data, uint32_t digest[])
 125 {
 126         uint32_t a, b, c, d, e, f, g, h, t1, t2;
 127         uint32_t w[16];
 128         uint32_t *ww = (uint32_t *) data;
 129
 130         a = digest[0];
 131         b = digest[1];
 132         c = digest[2];
 133         d = digest[3];
 134         e = digest[4];
 135         f = digest[5];
 136         g = digest[6];
 137         h = digest[7];
 138
 139         step(0, a, b, c, d, e, f, g, h, 0x428a2f98);
 140         step(1, h, a, b, c, d, e, f, g, 0x71374491);
 141         step(2, g, h, a, b, c, d, e, f, 0xb5c0fbcf);
 142         step(3, f, g, h, a, b, c, d, e, 0xe9b5dba5);
 143         step(4, e, f, g, h, a, b, c, d, 0x3956c25b);
 144         step(5, d, e, f, g, h, a, b, c, 0x59f111f1);
 145         step(6, c, d, e, f, g, h, a, b, 0x923f82a4);
 146         step(7, b, c, d, e, f, g, h, a, 0xab1c5ed5);
 147         step(8, a, b, c, d, e, f, g, h, 0xd807aa98);
 148         step(9, h, a, b, c, d, e, f, g, 0x12835b01);
 149         step(10, g, h, a, b, c, d, e, f, 0x243185be);
 150         step(11, f, g, h, a, b, c, d, e, 0x550c7dc3);
 151         step(12, e, f, g, h, a, b, c, d, 0x72be5d74);
 152         step(13, d, e, f, g, h, a, b, c, 0x80deb1fe);
 153         step(14, c, d, e, f, g, h, a, b, 0x9bdc06a7);
 154         step(15, b, c, d, e, f, g, h, a, 0xc19bf174);
 155         step(16, a, b, c, d, e, f, g, h, 0xe49b69c1);
 156         step(17, h, a, b, c, d, e, f, g, 0xefbe4786);
 157         step(18, g, h, a, b, c, d, e, f, 0x0fc19dc6);
 158         step(19, f, g, h, a, b, c, d, e, 0x240ca1cc);
 159         step(20, e, f, g, h, a, b, c, d, 0x2de92c6f);
 160         step(21, d, e, f, g, h, a, b, c, 0x4a7484aa);
 161         step(22, c, d, e, f, g, h, a, b, 0x5cb0a9dc);
 162         step(23, b, c, d, e, f, g, h, a, 0x76f988da);
 163         step(24, a, b, c, d, e, f, g, h, 0x983e5152);
 164         step(25, h, a, b, c, d, e, f, g, 0xa831c66d);
 165         step(26, g, h, a, b, c, d, e, f, 0xb00327c8);
 166         step(27, f, g, h, a, b, c, d, e, 0xbf597fc7);
 167         step(28, e, f, g, h, a, b, c, d, 0xc6e00bf3);
 168         step(29, d, e, f, g, h, a, b, c, 0xd5a79147);
 169         step(30, c, d, e, f, g, h, a, b, 0x06ca6351);
 170         step(31, b, c, d, e, f, g, h, a, 0x14292967);
 171         step(32, a, b, c, d, e, f, g, h, 0x27b70a85);
 172         step(33, h, a, b, c, d, e, f, g, 0x2e1b2138);
 173         step(34, g, h, a, b, c, d, e, f, 0x4d2c6dfc);
 174         step(35, f, g, h, a, b, c, d, e, 0x53380d13);
 175         step(36, e, f, g, h, a, b, c, d, 0x650a7354);
 176         step(37, d, e, f, g, h, a, b, c, 0x766a0abb);
 177         step(38, c, d, e, f, g, h, a, b, 0x81c2c92e);
 178         step(39, b, c, d, e, f, g, h, a, 0x92722c85);
 179         step(40, a, b, c, d, e, f, g, h, 0xa2bfe8a1);
 180         step(41, h, a, b, c, d, e, f, g, 0xa81a664b);
 181         step(42, g, h, a, b, c, d, e, f, 0xc24b8b70);
 182         step(43, f, g, h, a, b, c, d, e, 0xc76c51a3);
 183         step(44, e, f, g, h, a, b, c, d, 0xd192e819);
 184         step(45, d, e, f, g, h, a, b, c, 0xd6990624);
 185         step(46, c, d, e, f, g, h, a, b, 0xf40e3585);
 186         step(47, b, c, d, e, f, g, h, a, 0x106aa070);
 187         step(48, a, b, c, d, e, f, g, h, 0x19a4c116);
 188         step(49, h, a, b, c, d, e, f, g, 0x1e376c08);
 189         step(50, g, h, a, b, c, d, e, f, 0x2748774c);
 190         step(51, f, g, h, a, b, c, d, e, 0x34b0bcb5);
 191         step(52, e, f, g, h, a, b, c, d, 0x391c0cb3);
 192         step(53, d, e, f, g, h, a, b, c, 0x4ed8aa4a);
 193         step(54, c, d, e, f, g, h, a, b, 0x5b9cca4f);
 194         step(55, b, c, d, e, f, g, h, a, 0x682e6ff3);
 195         step(56, a, b, c, d, e, f, g, h, 0x748f82ee);
 196         step(57, h, a, b, c, d, e, f, g, 0x78a5636f);
 197         step(58, g, h, a, b, c, d, e, f, 0x84c87814);
 198         step(59, f, g, h, a, b, c, d, e, 0x8cc70208);
 199         step(60, e, f, g, h, a, b, c, d, 0x90befffa);
 200         step(61, d, e, f, g, h, a, b, c, 0xa4506ceb);
 201         step(62, c, d, e, f, g, h, a, b, 0xbef9a3f7);
 202         step(63, b, c, d, e, f, g, h, a, 0xc67178f2);
 203
 204         digest[0] += a;
 205         digest[1] += b;
 206         digest[2] += c;
 207         digest[3] += d;
 208         digest[4] += e;
 209         digest[5] += f;
 210         digest[6] += g;
 211         digest[7] += h;
 212 }