Lines Matching +full:a +full:- +full:m
2 /*-
3 * SPDX-License-Identifier: BSD-3-Clause
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
34 * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
35 * based on: http://csrc.nist.gov/fips/fip180-1.txt
36 * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
64 #define S(n, x) (((x) << (n)) | ((x) >> (32 - n)))
66 #define H(n) (ctxt->h.b32[(n)])
67 #define COUNT (ctxt->count)
68 #define BCOUNT (ctxt->c.b64[0] / 8)
69 #define W(n) (ctxt->m.b32[(n)])
72 ctxt->m.b8[(COUNT % 64)] = (x); \
75 ctxt->c.b64[0] += 8; \
81 ctxt->m.b8[(COUNT % 64)] = (x); \
93 uint32_t a, b, c, d, e; in sha1_step() local
99 bcopy(&ctxt->m.b8[0], &tctxt.m.b8[0], 64); in sha1_step()
100 ctxt->m.b8[0] = tctxt.m.b8[3]; ctxt->m.b8[1] = tctxt.m.b8[2]; in sha1_step()
101 ctxt->m.b8[2] = tctxt.m.b8[1]; ctxt->m.b8[3] = tctxt.m.b8[0]; in sha1_step()
102 ctxt->m.b8[4] = tctxt.m.b8[7]; ctxt->m.b8[5] = tctxt.m.b8[6]; in sha1_step()
103 ctxt->m.b8[6] = tctxt.m.b8[5]; ctxt->m.b8[7] = tctxt.m.b8[4]; in sha1_step()
104 ctxt->m.b8[8] = tctxt.m.b8[11]; ctxt->m.b8[9] = tctxt.m.b8[10]; in sha1_step()
105 ctxt->m.b8[10] = tctxt.m.b8[9]; ctxt->m.b8[11] = tctxt.m.b8[8]; in sha1_step()
106 ctxt->m.b8[12] = tctxt.m.b8[15]; ctxt->m.b8[13] = tctxt.m.b8[14]; in sha1_step()
107 ctxt->m.b8[14] = tctxt.m.b8[13]; ctxt->m.b8[15] = tctxt.m.b8[12]; in sha1_step()
108 ctxt->m.b8[16] = tctxt.m.b8[19]; ctxt->m.b8[17] = tctxt.m.b8[18]; in sha1_step()
109 ctxt->m.b8[18] = tctxt.m.b8[17]; ctxt->m.b8[19] = tctxt.m.b8[16]; in sha1_step()
110 ctxt->m.b8[20] = tctxt.m.b8[23]; ctxt->m.b8[21] = tctxt.m.b8[22]; in sha1_step()
111 ctxt->m.b8[22] = tctxt.m.b8[21]; ctxt->m.b8[23] = tctxt.m.b8[20]; in sha1_step()
112 ctxt->m.b8[24] = tctxt.m.b8[27]; ctxt->m.b8[25] = tctxt.m.b8[26]; in sha1_step()
113 ctxt->m.b8[26] = tctxt.m.b8[25]; ctxt->m.b8[27] = tctxt.m.b8[24]; in sha1_step()
114 ctxt->m.b8[28] = tctxt.m.b8[31]; ctxt->m.b8[29] = tctxt.m.b8[30]; in sha1_step()
115 ctxt->m.b8[30] = tctxt.m.b8[29]; ctxt->m.b8[31] = tctxt.m.b8[28]; in sha1_step()
116 ctxt->m.b8[32] = tctxt.m.b8[35]; ctxt->m.b8[33] = tctxt.m.b8[34]; in sha1_step()
117 ctxt->m.b8[34] = tctxt.m.b8[33]; ctxt->m.b8[35] = tctxt.m.b8[32]; in sha1_step()
118 ctxt->m.b8[36] = tctxt.m.b8[39]; ctxt->m.b8[37] = tctxt.m.b8[38]; in sha1_step()
119 ctxt->m.b8[38] = tctxt.m.b8[37]; ctxt->m.b8[39] = tctxt.m.b8[36]; in sha1_step()
120 ctxt->m.b8[40] = tctxt.m.b8[43]; ctxt->m.b8[41] = tctxt.m.b8[42]; in sha1_step()
121 ctxt->m.b8[42] = tctxt.m.b8[41]; ctxt->m.b8[43] = tctxt.m.b8[40]; in sha1_step()
122 ctxt->m.b8[44] = tctxt.m.b8[47]; ctxt->m.b8[45] = tctxt.m.b8[46]; in sha1_step()
123 ctxt->m.b8[46] = tctxt.m.b8[45]; ctxt->m.b8[47] = tctxt.m.b8[44]; in sha1_step()
124 ctxt->m.b8[48] = tctxt.m.b8[51]; ctxt->m.b8[49] = tctxt.m.b8[50]; in sha1_step()
125 ctxt->m.b8[50] = tctxt.m.b8[49]; ctxt->m.b8[51] = tctxt.m.b8[48]; in sha1_step()
126 ctxt->m.b8[52] = tctxt.m.b8[55]; ctxt->m.b8[53] = tctxt.m.b8[54]; in sha1_step()
127 ctxt->m.b8[54] = tctxt.m.b8[53]; ctxt->m.b8[55] = tctxt.m.b8[52]; in sha1_step()
128 ctxt->m.b8[56] = tctxt.m.b8[59]; ctxt->m.b8[57] = tctxt.m.b8[58]; in sha1_step()
129 ctxt->m.b8[58] = tctxt.m.b8[57]; ctxt->m.b8[59] = tctxt.m.b8[56]; in sha1_step()
130 ctxt->m.b8[60] = tctxt.m.b8[63]; ctxt->m.b8[61] = tctxt.m.b8[62]; in sha1_step()
131 ctxt->m.b8[62] = tctxt.m.b8[61]; ctxt->m.b8[63] = tctxt.m.b8[60]; in sha1_step()
134 a = H(0); b = H(1); c = H(2); d = H(3); e = H(4); in sha1_step()
141 tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t); in sha1_step()
142 e = d; d = c; c = S(30, b); b = a; a = tmp; in sha1_step()
147 tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t); in sha1_step()
148 e = d; d = c; c = S(30, b); b = a; a = tmp; in sha1_step()
153 tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t); in sha1_step()
154 e = d; d = c; c = S(30, b); b = a; a = tmp; in sha1_step()
159 tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t); in sha1_step()
160 e = d; d = c; c = S(30, b); b = a; a = tmp; in sha1_step()
163 H(0) = H(0) + a; in sha1_step()
169 bzero(&ctxt->m.b8[0], 64); in sha1_step()
172 /*------------------------------------------------------------*/
194 padlen = 64 - padstart; in sha1_pad()
196 bzero(&ctxt->m.b8[padstart], padlen); in sha1_pad()
201 padlen = 64 - padstart; /* should be 64 */ in sha1_pad()
203 bzero(&ctxt->m.b8[padstart], padlen - 8); in sha1_pad()
204 COUNT += (padlen - 8); in sha1_pad()
207 PUTPAD(ctxt->c.b8[0]); PUTPAD(ctxt->c.b8[1]); in sha1_pad()
208 PUTPAD(ctxt->c.b8[2]); PUTPAD(ctxt->c.b8[3]); in sha1_pad()
209 PUTPAD(ctxt->c.b8[4]); PUTPAD(ctxt->c.b8[5]); in sha1_pad()
210 PUTPAD(ctxt->c.b8[6]); PUTPAD(ctxt->c.b8[7]); in sha1_pad()
212 PUTPAD(ctxt->c.b8[7]); PUTPAD(ctxt->c.b8[6]); in sha1_pad()
213 PUTPAD(ctxt->c.b8[5]); PUTPAD(ctxt->c.b8[4]); in sha1_pad()
214 PUTPAD(ctxt->c.b8[3]); PUTPAD(ctxt->c.b8[2]); in sha1_pad()
215 PUTPAD(ctxt->c.b8[1]); PUTPAD(ctxt->c.b8[0]); in sha1_pad()
231 gaplen = 64 - gapstart; in sha1_loop()
233 copysiz = (gaplen < len - off) ? gaplen : len - off; in sha1_loop()
234 bcopy(&input[off], &ctxt->m.b8[gapstart], copysiz); in sha1_loop()
237 ctxt->c.b64[0] += copysiz * 8; in sha1_loop()
252 bcopy(&ctxt->h.b8[0], digest, SHA1_RESULTLEN); in sha1_result()
254 digest[0] = ctxt->h.b8[3]; digest[1] = ctxt->h.b8[2]; in sha1_result()
255 digest[2] = ctxt->h.b8[1]; digest[3] = ctxt->h.b8[0]; in sha1_result()
256 digest[4] = ctxt->h.b8[7]; digest[5] = ctxt->h.b8[6]; in sha1_result()
257 digest[6] = ctxt->h.b8[5]; digest[7] = ctxt->h.b8[4]; in sha1_result()
258 digest[8] = ctxt->h.b8[11]; digest[9] = ctxt->h.b8[10]; in sha1_result()
259 digest[10] = ctxt->h.b8[9]; digest[11] = ctxt->h.b8[8]; in sha1_result()
260 digest[12] = ctxt->h.b8[15]; digest[13] = ctxt->h.b8[14]; in sha1_result()
261 digest[14] = ctxt->h.b8[13]; digest[15] = ctxt->h.b8[12]; in sha1_result()
262 digest[16] = ctxt->h.b8[19]; digest[17] = ctxt->h.b8[18]; in sha1_result()
263 digest[18] = ctxt->h.b8[17]; digest[19] = ctxt->h.b8[16]; in sha1_result()