xref: /freebsd/lib/libmd/sha_locl.h (revision 3e5a11d53a757f05ac1b61942f23f5f0cd9de691)
1c177a86bSGarrett Wollman /* crypto/sha/sha_locl.h */
2c177a86bSGarrett Wollman /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3c177a86bSGarrett Wollman  * All rights reserved.
4c177a86bSGarrett Wollman  *
5c177a86bSGarrett Wollman  * This package is an SSL implementation written
6c177a86bSGarrett Wollman  * by Eric Young (eay@cryptsoft.com).
7c177a86bSGarrett Wollman  * The implementation was written so as to conform with Netscapes SSL.
8c177a86bSGarrett Wollman  *
9c177a86bSGarrett Wollman  * This library is free for commercial and non-commercial use as long as
10c177a86bSGarrett Wollman  * the following conditions are aheared to.  The following conditions
11c177a86bSGarrett Wollman  * apply to all code found in this distribution, be it the RC4, RSA,
12c177a86bSGarrett Wollman  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13c177a86bSGarrett Wollman  * included with this distribution is covered by the same copyright terms
14c177a86bSGarrett Wollman  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15c177a86bSGarrett Wollman  *
16c177a86bSGarrett Wollman  * Copyright remains Eric Young's, and as such any Copyright notices in
17c177a86bSGarrett Wollman  * the code are not to be removed.
18c177a86bSGarrett Wollman  * If this package is used in a product, Eric Young should be given attribution
19c177a86bSGarrett Wollman  * as the author of the parts of the library used.
20c177a86bSGarrett Wollman  * This can be in the form of a textual message at program startup or
21c177a86bSGarrett Wollman  * in documentation (online or textual) provided with the package.
22c177a86bSGarrett Wollman  *
23c177a86bSGarrett Wollman  * Redistribution and use in source and binary forms, with or without
24c177a86bSGarrett Wollman  * modification, are permitted provided that the following conditions
25c177a86bSGarrett Wollman  * are met:
26c177a86bSGarrett Wollman  * 1. Redistributions of source code must retain the copyright
27c177a86bSGarrett Wollman  *    notice, this list of conditions and the following disclaimer.
28c177a86bSGarrett Wollman  * 2. Redistributions in binary form must reproduce the above copyright
29c177a86bSGarrett Wollman  *    notice, this list of conditions and the following disclaimer in the
30c177a86bSGarrett Wollman  *    documentation and/or other materials provided with the distribution.
31c177a86bSGarrett Wollman  * 3. All advertising materials mentioning features or use of this software
32c177a86bSGarrett Wollman  *    must display the following acknowledgement:
33c177a86bSGarrett Wollman  *    "This product includes cryptographic software written by
34c177a86bSGarrett Wollman  *     Eric Young (eay@cryptsoft.com)"
35*3e5a11d5SGordon Bergling  *    The word 'cryptographic' can be left out if the routines from the library
36c177a86bSGarrett Wollman  *    being used are not cryptographic related :-).
37c177a86bSGarrett Wollman  * 4. If you include any Windows specific code (or a derivative thereof) from
38c177a86bSGarrett Wollman  *    the apps directory (application code) you must include an acknowledgement:
39c177a86bSGarrett Wollman  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40c177a86bSGarrett Wollman  *
41c177a86bSGarrett Wollman  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42c177a86bSGarrett Wollman  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43c177a86bSGarrett Wollman  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44c177a86bSGarrett Wollman  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45c177a86bSGarrett Wollman  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46c177a86bSGarrett Wollman  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47c177a86bSGarrett Wollman  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48c177a86bSGarrett Wollman  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49c177a86bSGarrett Wollman  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50c177a86bSGarrett Wollman  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51c177a86bSGarrett Wollman  * SUCH DAMAGE.
52c177a86bSGarrett Wollman  *
53c177a86bSGarrett Wollman  * The licence and distribution terms for any publically available version or
54c177a86bSGarrett Wollman  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55c177a86bSGarrett Wollman  * copied and put under another distribution licence
56c177a86bSGarrett Wollman  * [including the GNU Public Licence.]
57c177a86bSGarrett Wollman  */
58c177a86bSGarrett Wollman 
/*
 * Variant selection, kept for reference only.  The outer guard tests a macro
 * named `undef` (presumably never defined), so this header does not pick a
 * variant itself; the including file is expected to define SHA_0 or SHA_1.
 */
#if defined(undef)
/* one or the other needs to be defined */
#if !defined(SHA_1)	/* FIPS 180-1 */
#define SHA_0		/* FIPS 180   */
#endif
#endif

/*
 * Short aliases for the unsigned integer types.  unsigned long is only
 * guaranteed to be at least 32 bits wide; where it is wider (e.g. LP64),
 * values built with the macros below can carry bits above bit 31.
 */
#define ULONG	unsigned long
#define UCHAR	unsigned char
#define UINT	unsigned int

/*
 * Escape hatch for compilers without `const`.  Defining a macro named after
 * a keyword is not permitted once standard headers are involved, so NOCONST
 * should stay undefined on any ISO C compiler.
 */
#ifdef NOCONST
#define const
#endif
73c177a86bSGarrett Wollman 
#undef c2nl
/*
 * c2nl(c, l): read four bytes at c as a big-endian 32-bit word into l and
 * advance c by four.
 *
 * c is modified and expanded four times, so it must be a plain pointer
 * lvalue without side effects.  No bounds check is made: the caller has to
 * guarantee four readable bytes at c.
 * NOTE(review): the cast is applied to *c as it is; if c pointed at plain or
 * signed char, bytes >= 0x80 would sign-extend into the upper bits of l.
 * Pass an unsigned char pointer.
 */
#define c2nl(c, l) \
	(l  = ((unsigned long)(*((c)++))) << 24, \
	 l |= ((unsigned long)(*((c)++))) << 16, \
	 l |= ((unsigned long)(*((c)++))) <<  8, \
	 l |= ((unsigned long)(*((c)++))))
79c177a86bSGarrett Wollman 
#undef p_c2nl
/*
 * p_c2nl(c, l, n): finish a partly filled big-endian word.  n is the byte
 * position (0..3) at which to resume; bytes n..3 are read from c and c
 * advances by 4 - n.  Position 0 assigns l, later positions OR into it, so
 * for n > 0 the caller must already hold the earlier bytes in l.
 *
 * The switch falls through on purpose.  For any n outside 0..3 nothing is
 * read and l is left unchanged.  The caller must guarantee 4 - n readable
 * bytes at c.  Expands to a braced block, not an expression.
 */
#define p_c2nl(c, l, n) \
	{ \
		switch (n) { \
		case 0: l  = ((unsigned long)(*((c)++))) << 24; /* fallthrough */ \
		case 1: l |= ((unsigned long)(*((c)++))) << 16; /* fallthrough */ \
		case 2: l |= ((unsigned long)(*((c)++))) <<  8; /* fallthrough */ \
		case 3: l |= ((unsigned long)(*((c)++))); \
		} \
	}
89c177a86bSGarrett Wollman 
#undef c2nl_p
/*
 * c2nl_p(c, l, n): load the first n bytes (n = 1..3) at c into the top bytes
 * of a big-endian word; the remaining low bytes of l are zero.
 *
 * NOTE the pointer is not incremented at the end of this: c is stepped
 * forward by n and then walked back one byte per case, so it ends where it
 * started.  With n == 0 the result is l = 0.  For n > 3 no case matches, so
 * c stays advanced by n and l is 0; callers must keep n within 0..3.
 * The switch falls through on purpose.
 */
#define c2nl_p(c, l, n) \
	{ \
		l = 0; \
		(c) += n; \
		switch (n) { \
		case 3: l  = ((unsigned long)(*(--(c)))) <<  8; /* fallthrough */ \
		case 2: l |= ((unsigned long)(*(--(c)))) << 16; /* fallthrough */ \
		case 1: l |= ((unsigned long)(*(--(c)))) << 24; \
		} \
	}
101c177a86bSGarrett Wollman 
#undef p_c2nl_p
/*
 * p_c2nl_p(c, l, sc, len): add up to len bytes from c to a partly filled
 * big-endian word, starting at byte position sc (0..2).  Position 0 assigns
 * l, positions 1 and 2 OR into it.  Byte position 3 is never filled here.
 *
 * len is decremented in place after positions 0 and 1 and the macro stops
 * once it reaches zero, so len must be a modifiable lvalue and at least 1 on
 * entry.  c advances by the number of bytes consumed.  The fallthrough
 * between cases is intentional.
 */
#define p_c2nl_p(c, l, sc, len) \
	{ \
		switch (sc) { \
		case 0: l  = ((unsigned long)(*((c)++))) << 24; \
			if (--len == 0) break; \
			/* fallthrough */ \
		case 1: l |= ((unsigned long)(*((c)++))) << 16; \
			if (--len == 0) break; \
			/* fallthrough */ \
		case 2: l |= ((unsigned long)(*((c)++))) <<  8; \
		} \
	}
113c177a86bSGarrett Wollman 
#undef nl2c
/*
 * nl2c(l, c): store the low 32 bits of l at c in big-endian byte order and
 * advance c by four.  Each byte is masked with 0xff, so bits of l above
 * bit 31 are dropped.
 *
 * c is modified and expanded four times; it must be a plain pointer lvalue.
 * No bounds check is made: the caller must own four writable bytes at c.
 */
#define nl2c(l, c) \
	(*((c)++) = (unsigned char)(((l) >> 24) & 0xff), \
	 *((c)++) = (unsigned char)(((l) >> 16) & 0xff), \
	 *((c)++) = (unsigned char)(((l) >>  8) & 0xff), \
	 *((c)++) = (unsigned char)(((l)      ) & 0xff))
119c177a86bSGarrett Wollman 
#undef c2l
/*
 * c2l(c, l): read four bytes at c as a little-endian 32-bit word into l and
 * advance c by four.
 *
 * c is modified and expanded four times, so it must be a plain pointer
 * lvalue without side effects.  No bounds check is made: the caller has to
 * guarantee four readable bytes at c.
 * NOTE(review): the cast is applied to *c as it is; with a plain or signed
 * char pointer, bytes >= 0x80 would sign-extend.  Pass an unsigned char
 * pointer.
 */
#define c2l(c, l) \
	(l  = ((unsigned long)(*((c)++))), \
	 l |= ((unsigned long)(*((c)++))) <<  8, \
	 l |= ((unsigned long)(*((c)++))) << 16, \
	 l |= ((unsigned long)(*((c)++))) << 24)
125c177a86bSGarrett Wollman 
#undef p_c2l
/*
 * p_c2l(c, l, n): finish a partly filled little-endian word.  n is the byte
 * position (0..3) at which to resume; bytes n..3 are read from c and c
 * advances by 4 - n.  Position 0 assigns l, later positions OR into it, so
 * for n > 0 the caller must already hold the earlier bytes in l.
 *
 * The switch falls through on purpose.  For any n outside 0..3 nothing is
 * read and l is left unchanged.  The caller must guarantee 4 - n readable
 * bytes at c.  Expands to a braced block, not an expression.
 */
#define p_c2l(c, l, n) \
	{ \
		switch (n) { \
		case 0: l  = ((unsigned long)(*((c)++))); /* fallthrough */ \
		case 1: l |= ((unsigned long)(*((c)++))) <<  8; /* fallthrough */ \
		case 2: l |= ((unsigned long)(*((c)++))) << 16; /* fallthrough */ \
		case 3: l |= ((unsigned long)(*((c)++))) << 24; \
		} \
	}
135c177a86bSGarrett Wollman 
#undef c2l_p
/*
 * c2l_p(c, l, n): load the first n bytes (n = 1..3) at c into the low bytes
 * of a little-endian word; the remaining high bytes of l are zero.
 *
 * NOTE the pointer is not incremented at the end of this: c is stepped
 * forward by n and then walked back one byte per case, so it ends where it
 * started.  With n == 0 the result is l = 0.  For n > 3 no case matches, so
 * c stays advanced by n and l is 0; callers must keep n within 0..3.
 * The switch falls through on purpose.
 */
#define c2l_p(c, l, n) \
	{ \
		l = 0; \
		(c) += n; \
		switch (n) { \
		case 3: l  = ((unsigned long)(*(--(c)))) << 16; /* fallthrough */ \
		case 2: l |= ((unsigned long)(*(--(c)))) <<  8; /* fallthrough */ \
		case 1: l |= ((unsigned long)(*(--(c)))); \
		} \
	}
147c177a86bSGarrett Wollman 
#undef p_c2l_p
/*
 * p_c2l_p(c, l, sc, len): add up to len bytes from c to a partly filled
 * little-endian word, starting at byte position sc (0..2).  Position 0
 * assigns l, positions 1 and 2 OR into it.  Byte position 3 is never filled
 * here.
 *
 * len is decremented in place after positions 0 and 1 and the macro stops
 * once it reaches zero, so len must be a modifiable lvalue and at least 1 on
 * entry.  c advances by the number of bytes consumed.  The fallthrough
 * between cases is intentional.
 */
#define p_c2l_p(c, l, sc, len) \
	{ \
		switch (sc) { \
		case 0: l  = ((unsigned long)(*((c)++))); \
			if (--len == 0) break; \
			/* fallthrough */ \
		case 1: l |= ((unsigned long)(*((c)++))) <<  8; \
			if (--len == 0) break; \
			/* fallthrough */ \
		case 2: l |= ((unsigned long)(*((c)++))) << 16; \
		} \
	}
159c177a86bSGarrett Wollman 
#undef l2c
/*
 * l2c(l, c): store the low 32 bits of l at c in little-endian byte order and
 * advance c by four.  Each byte is masked with 0xff, so bits of l above
 * bit 31 are dropped.
 *
 * c is modified and expanded four times; it must be a plain pointer lvalue.
 * No bounds check is made: the caller must own four writable bytes at c.
 */
#define l2c(l, c) \
	(*((c)++) = (unsigned char)(((l)      ) & 0xff), \
	 *((c)++) = (unsigned char)(((l) >>  8) & 0xff), \
	 *((c)++) = (unsigned char)(((l) >> 16) & 0xff), \
	 *((c)++) = (unsigned char)(((l) >> 24) & 0xff))
165c177a86bSGarrett Wollman 
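#undef ROTATE
/*
 * ROTATE(a, n): rotate the low 32 bits of a left by n bits, 0 < n < 32.
 *
 * The portable form masks its input before the right shift and masks the
 * result as well.  Without the outer mask, a platform whose unsigned long is
 * wider than 32 bits (LP64) would get the bits shifted out of the top of the
 * word back in positions 32 and up, so the macro would not return a 32-bit
 * rotate there.  Where the operand is already 32 bits wide the extra mask is
 * a no-op.  n must stay within 1..31: the expression shifts by 32 - n.
 * a is expanded twice, so it must not have side effects.
 */
#if defined(WIN32)
#define ROTATE(a,n)     _lrotl(a,n)
#else
#define ROTATE(a,n)     ((((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))&0xffffffff)
#endif

/*
 * Endian_Reverse32(a): reverse the byte order of the 32-bit value held in
 * the lvalue a, in place.
 *
 * A nice byte order reversal from Wei Dai <weidai@eskimo.com>
 *
 * Expands to a braced block that declares a local named `l`, so the argument
 * must not itself be an expression that mentions a variable called l.
 * The result stays within 32 bits because ROTATE masks its result.
 */
#if defined(WIN32)
/* 5 instructions with rotate instruction, else 9 */
#define Endian_Reverse32(a) \
	{ \
	unsigned long l=(a); \
	(a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
	}
#else
/* 6 instructions with rotate instruction, else 8 */
#define Endian_Reverse32(a) \
	{ \
	unsigned long l=(a); \
	/* swap the bytes inside each 16-bit half, then swap the halves */ \
	l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
	(a)=ROTATE(l,16L); \
	}
#endif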
190c177a86bSGarrett Wollman 
/*
 * Round functions, one per group of twenty rounds.
 *
 * As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
 * simplified to the code in F_00_19.  Wei attributes these optimisations
 * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
 * #define F(x,y,z) (((x) & (y))  |  ((~(x)) & (z)))
 * I've just become aware of another tweak to be made, again from Wei Dai,
 * in F_40_59, (x&a)|(y&a) -> (x|y)&a
 *
 * F_00_19 selects, bit by bit, c where b is 1 and d where b is 0.
 * F_20_39 and F_60_79 are the bitwise XOR of the three inputs.
 * F_40_59 is the bitwise majority of the three inputs.
 * Every argument may be expanded more than once; pass side-effect-free
 * expressions only.
 */
#define F_00_19(b,c,d)	((d) ^ ((b) & ((c) ^ (d))))
#define F_20_39(b,c,d)	((b) ^ (c) ^ (d))
#define F_40_59(b,c,d)	(((d) & ((b) | (c))) | ((b) & (c)))
#define F_60_79(b,c,d)	F_20_39(b,c,d)
202c177a86bSGarrett Wollman 
/*
 * Xupdate(a, i, ia, ib, ic, id): message-schedule step.  XORs four words
 * taken from the 16-word circular buffers ia..id at offsets i, i+2, i+8 and
 * i+13 (all modulo 16), then stores the result both in a and in X[i & 15].
 *
 * With SHA_0 the XOR is stored as it is; with SHA_1 it is first rotated left
 * by one bit.  That rotate is the only difference between the two variants
 * in this header.  If both macros are defined, the SHA_1 definition wins
 * because it comes last.
 *
 * The expansion ends in ';' and, for SHA_1, is two statements, so it must not
 * be the sole body of an unbraced if/else/loop.  It writes to an array named
 * X that must be in scope at the point of use.
 *
 * Practical collisions are publicly known for both SHA-0 and SHA-1, so
 * digests built on either variant should not be relied on for collision
 * resistance.
 */
#if defined(SHA_0)
#undef Xupdate
#define Xupdate(a,i,ia,ib,ic,id) \
	X[(i)&0x0f]=(a)= \
	(ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);
#endif
#if defined(SHA_1)
#undef Xupdate
#define Xupdate(a,i,ia,ib,ic,id) \
	(a)= \
	(ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]); \
	X[(i)&0x0f]=(a)=ROTATE((a),1);
#endif
214c177a86bSGarrett Wollman 
/*
 * Round bodies.  In each macro, a..e are the five working variables in their
 * current roles and f is the variable that receives the new value:
 *
 *   f = W[i] + e + K + ROTATE(a, 5) + F(b, c, d);   b = ROTATE(b, 30);
 *
 * BODY_00_15 reads the schedule word straight from xa[i]; the others first
 * run Xupdate to compute it into f and X[i & 15].  BODY_60_79 then re-reads
 * it from X[i & 15] instead of adding to f.
 *
 * K_00_19, K_20_39, K_40_59, K_60_79 and the array X are not defined in the
 * visible part of this header and must be provided by the including file.
 *
 * Each macro expands to several statements ending in ';' with no enclosing
 * braces, so it must not be used as the sole body of an unbraced
 * if/else/loop.  The sum is not reduced to 32 bits here; where unsigned long
 * is wider than 32 bits the caller has to mask the final values.
 */
#define BODY_00_15(i, a, b, c, d, e, f, xa) \
	(f) = xa[i] + (e) + K_00_19 + ROTATE((a), 5) + F_00_19((b), (c), (d)); \
	(b) = ROTATE((b), 30);

#define BODY_16_19(i, a, b, c, d, e, f, xa, xb, xc, xd) \
	Xupdate(f, i, xa, xb, xc, xd); \
	(f) += (e) + K_00_19 + ROTATE((a), 5) + F_00_19((b), (c), (d)); \
	(b) = ROTATE((b), 30);

#define BODY_20_31(i, a, b, c, d, e, f, xa, xb, xc, xd) \
	Xupdate(f, i, xa, xb, xc, xd); \
	(f) += (e) + K_20_39 + ROTATE((a), 5) + F_20_39((b), (c), (d)); \
	(b) = ROTATE((b), 30);

#define BODY_32_39(i, a, b, c, d, e, f, xa) \
	Xupdate(f, i, xa, xa, xa, xa); \
	(f) += (e) + K_20_39 + ROTATE((a), 5) + F_20_39((b), (c), (d)); \
	(b) = ROTATE((b), 30);

#define BODY_40_59(i, a, b, c, d, e, f, xa) \
	Xupdate(f, i, xa, xa, xa, xa); \
	(f) += (e) + K_40_59 + ROTATE((a), 5) + F_40_59((b), (c), (d)); \
	(b) = ROTATE((b), 30);

#define BODY_60_79(i, a, b, c, d, e, f, xa) \
	Xupdate(f, i, xa, xa, xa, xa); \
	(f) = X[(i)&0x0f] + (e) + K_60_79 + ROTATE((a), 5) + F_60_79((b), (c), (d)); \
	(b) = ROTATE((b), 30);
243c177a86bSGarrett Wollman 