sha256.c source code [Curl/lib/sha256.c]

1	/***************************************************************************
2	* _ _ ____ _
3	* Project ___\| \| \| \| _ \\| \|
4	* / __\| \| \| \| \|_) \| \|
5	* \| (__\| \|_\| \| _ <\| \|___
6	* \___\|\___/\|_\| \_\_____\|
7	*
8	* Copyright (C) 1998 - 2018, Florin Petriuc, <petriuc.florin@gmail.com>
9	*
10	* This software is licensed as described in the file COPYING, which
11	* you should have received as part of this distribution. The terms
12	* are also available at https://curl.haxx.se/docs/copyright.html.
13	*
14	* You may opt to use, copy, modify, merge, publish, distribute and/or sell
15	* copies of the Software, and permit persons to whom the Software is
16	* furnished to do so, under the terms of the COPYING file.
17	*
18	* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19	* KIND, either express or implied.
20	*
21	***************************************************************************/
22
23	#include "curl_setup.h"
24
25	#ifndef CURL_DISABLE_CRYPTO_AUTH
26
27	#include "warnless.h"
28	#include "curl_sha256.h"
29
30	#if defined(USE_OPENSSL)
31
32	#include <openssl/opensslv.h>
33
34	#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
35	#define USE_OPENSSL_SHA256
36	#endif
37
38	#endif
39
40	#ifdef USE_OPENSSL_SHA256
41	/ When OpenSSL is available we use the SHA256-function from OpenSSL /
42	#include <openssl/sha.h>
43	#else
44
45	/ When no other crypto library is available we use this code segment /
46
47	/ ===== start - public domain SHA256 implementation ===== /
48	/ This is based on SHA256 implementation in LibTomCrypt that was released into*
49	* public domain by Tom St Denis. */
50
51	#define WPA_GET_BE32(a) ((((unsigned long)(a)[0]) << 24) \| \
52	(((unsigned long)(a)[1]) << 16) \| \
53	(((unsigned long)(a)[2]) << 8) \| \
54	((unsigned long)(a)[3]))
55	#define WPA_PUT_BE32(a, val) \
56	do { \
57	(a)[0] = (unsigned char)((((unsigned long) (val)) >> 24) & 0xff); \
58	(a)[1] = (unsigned char)((((unsigned long) (val)) >> 16) & 0xff); \
59	(a)[2] = (unsigned char)((((unsigned long) (val)) >> 8) & 0xff); \
60	(a)[3] = (unsigned char)(((unsigned long) (val)) & 0xff); \
61	} while(0)
62
63	#ifdef HAVE_LONGLONG
64	#define WPA_PUT_BE64(a, val) \
65	do { \
66	(a)[0] = (unsigned char)(((unsigned long long)(val)) >> 56); \
67	(a)[1] = (unsigned char)(((unsigned long long)(val)) >> 48); \
68	(a)[2] = (unsigned char)(((unsigned long long)(val)) >> 40); \
69	(a)[3] = (unsigned char)(((unsigned long long)(val)) >> 32); \
70	(a)[4] = (unsigned char)(((unsigned long long)(val)) >> 24); \
71	(a)[5] = (unsigned char)(((unsigned long long)(val)) >> 16); \
72	(a)[6] = (unsigned char)(((unsigned long long)(val)) >> 8); \
73	(a)[7] = (unsigned char)(((unsigned long long)(val)) & 0xff); \
74	} while(0)
75	#else
76	#define WPA_PUT_BE64(a, val) \
77	do { \
78	(a)[0] = (unsigned char)(((unsigned __int64)(val)) >> 56); \
79	(a)[1] = (unsigned char)(((unsigned __int64)(val)) >> 48); \
80	(a)[2] = (unsigned char)(((unsigned __int64)(val)) >> 40); \
81	(a)[3] = (unsigned char)(((unsigned __int64)(val)) >> 32); \
82	(a)[4] = (unsigned char)(((unsigned __int64)(val)) >> 24); \
83	(a)[5] = (unsigned char)(((unsigned __int64)(val)) >> 16); \
84	(a)[6] = (unsigned char)(((unsigned __int64)(val)) >> 8); \
85	(a)[7] = (unsigned char)(((unsigned __int64)(val)) & 0xff); \
86	} while(0)
87	#endif
88
89	typedef struct sha256_state {
90	#ifdef HAVE_LONGLONG
91	unsigned long long length;
92	#else
93	unsigned __int64 length;
94	#endif
95	unsigned long state[`8`], curlen;
96	unsigned char buf[`64`];
97	} SHA256_CTX;
98	/ the K array /
99	static const unsigned long K[`64`] = {
100	`0x428a2f98UL`, `0x71374491UL`, `0xb5c0fbcfUL`, `0xe9b5dba5UL`, `0x3956c25bUL`,
101	`0x59f111f1UL`, `0x923f82a4UL`, `0xab1c5ed5UL`, `0xd807aa98UL`, `0x12835b01UL`,
102	`0x243185beUL`, `0x550c7dc3UL`, `0x72be5d74UL`, `0x80deb1feUL`, `0x9bdc06a7UL`,
103	`0xc19bf174UL`, `0xe49b69c1UL`, `0xefbe4786UL`, `0x0fc19dc6UL`, `0x240ca1ccUL`,
104	`0x2de92c6fUL`, `0x4a7484aaUL`, `0x5cb0a9dcUL`, `0x76f988daUL`, `0x983e5152UL`,
105	`0xa831c66dUL`, `0xb00327c8UL`, `0xbf597fc7UL`, `0xc6e00bf3UL`, `0xd5a79147UL`,
106	`0x06ca6351UL`, `0x14292967UL`, `0x27b70a85UL`, `0x2e1b2138UL`, `0x4d2c6dfcUL`,
107	`0x53380d13UL`, `0x650a7354UL`, `0x766a0abbUL`, `0x81c2c92eUL`, `0x92722c85UL`,
108	`0xa2bfe8a1UL`, `0xa81a664bUL`, `0xc24b8b70UL`, `0xc76c51a3UL`, `0xd192e819UL`,
109	`0xd6990624UL`, `0xf40e3585UL`, `0x106aa070UL`, `0x19a4c116UL`, `0x1e376c08UL`,
110	`0x2748774cUL`, `0x34b0bcb5UL`, `0x391c0cb3UL`, `0x4ed8aa4aUL`, `0x5b9cca4fUL`,
111	`0x682e6ff3UL`, `0x748f82eeUL`, `0x78a5636fUL`, `0x84c87814UL`, `0x8cc70208UL`,
112	`0x90befffaUL`, `0xa4506cebUL`, `0xbef9a3f7UL`, `0xc67178f2UL`
113	};
114	/ Various logical functions /
115	#define RORc(x, y) \
116	(((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y) & 31)) \| \
117	((unsigned long)(x) << (unsigned long)(32 - ((y) & 31)))) & 0xFFFFFFFFUL)
118	#define Ch(x,y,z) (z ^ (x & (y ^ z)))
119	#define Maj(x,y,z) (((x \| y) & z) \| (x & y))
120	#define S(x, n) RORc((x), (n))
121	#define R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
122	#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
123	#define Sigma1(x) (S(x, 6) ^ S(x, 11) ^ S(x, 25))
124	#define Gamma0(x) (S(x, 7) ^ S(x, 18) ^ R(x, 3))
125	#define Gamma1(x) (S(x, 17) ^ S(x, 19) ^ R(x, 10))
126	/ compress 512-bits /
127	static int sha256_compress(struct sha256_state *md,
128	unsigned char *buf)
129	{
130	unsigned long S[`8`], W[`64`];
131	int i;
132	/ copy state into S /
133	for(i = `0`; i < `8`; i++) {
134	S[i] = md->state[i];
135	}
136	/ copy the state into 512-bits into W[0..15] /
137	for(i = `0`; i < `16`; i++)
138	W[i] = WPA_GET_BE32(buf + (`4` * i));
139	/ fill W[16..63] /
140	for(i = `16`; i < `64`; i++) {
141	W[i] = Gamma1(W[i - `2`]) + W[i - `7`] + Gamma0(W[i - `15`]) +
142	W[i - `16`];
143	}
144	/ Compress /
145	#define RND(a,b,c,d,e,f,g,h,i) \
146	unsigned long t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \
147	unsigned long t1 = Sigma0(a) + Maj(a, b, c); \
148	d += t0; \
149	h = t0 + t1;
150	for(i = `0`; i < `64`; ++i) {
151	unsigned long t;
152	RND(S[`0`], S[`1`], S[`2`], S[`3`], S[`4`], S[`5`], S[`6`], S[`7`], i);
153	t = S[`7`]; S[`7`] = S[`6`]; S[`6`] = S[`5`]; S[`5`] = S[`4`];
154	S[`4`] = S[`3`]; S[`3`] = S[`2`]; S[`2`] = S[`1`]; S[`1`] = S[`0`]; S[`0`] = t;
155	}
156	/ feedback /
157	for(i = `0`; i < `8`; i++) {
158	md->state[i] = md->state[i] + S[i];
159	}
160	return `0`;
161	}
162	/ Initialize the hash state /
163	static void SHA256_Init(struct sha256_state *md)
164	{
165	md->curlen = `0`;
166	md->length = `0`;
167	md->state[`0`] = `0x6A09E667UL`;
168	md->state[`1`] = `0xBB67AE85UL`;
169	md->state[`2`] = `0x3C6EF372UL`;
170	md->state[`3`] = `0xA54FF53AUL`;
171	md->state[`4`] = `0x510E527FUL`;
172	md->state[`5`] = `0x9B05688CUL`;
173	md->state[`6`] = `0x1F83D9ABUL`;
174	md->state[`7`] = `0x5BE0CD19UL`;
175	}
176	/**
177	Process a block of memory though the hash
178	@param md The hash state
179	@param in The data to hash
180	@param inlen The length of the data (octets)
181	@return CRYPT_OK if successful
182	*/
183	static int SHA256_Update(struct sha256_state *md,
184	const unsigned char *in,
185	unsigned long inlen)
186	{
187	unsigned long n;
188	#define block_size 64
189	if(md->curlen > sizeof(md->buf))
190	return -`1`;
191	while(inlen > `0`) {
192	if(md->curlen == `0` && inlen >= block_size) {
193	if(sha256_compress(md, (unsigned char *)in) < `0`)
194	return -`1`;
195	md->length += block_size * `8`;
196	in += block_size;
197	inlen -= block_size;
198	}
199	else {
200	n = CURLMIN(inlen, (block_size - md->curlen));
201	memcpy(md->buf + md->curlen, in, n);
202	md->curlen += n;
203	in += n;
204	inlen -= n;
205	if(md->curlen == block_size) {
206	if(sha256_compress(md, md->buf) < `0`)
207	return -`1`;
208	md->length += `8` * block_size;
209	md->curlen = `0`;
210	}
211	}
212	}
213	return `0`;
214	}
215	/**
216	Terminate the hash to get the digest
217	@param md The hash state
218	@param out [out] The destination of the hash (32 bytes)
219	@return CRYPT_OK if successful
220	*/
221	static int SHA256_Final(unsigned char *out,
222	struct sha256_state *md)
223	{
224	int i;
225	if(md->curlen >= sizeof(md->buf))
226	return -`1`;
227	/ increase the length of the message /
228	md->length += md->curlen * `8`;
229	/ append the '1' bit /
230	md->buf[md->curlen++] = (unsigned char)`0x80`;
231	/ if the length is currently above 56 bytes we append zeros*
232	* then compress. Then we can fall back to padding zeros and length
233	* encoding like normal.
234	*/
235	if(md->curlen > `56`) {
236	while(md->curlen < `64`) {
237	md->buf[md->curlen++] = (unsigned char)`0`;
238	}
239	sha256_compress(md, md->buf);
240	md->curlen = `0`;
241	}
242	/ pad up to 56 bytes of zeroes /
243	while(md->curlen < `56`) {
244	md->buf[md->curlen++] = (unsigned char)`0`;
245	}
246	/ store length /
247	WPA_PUT_BE64(md->buf + `56`, md->length);
248	sha256_compress(md, md->buf);
249	/ copy output /
250	for(i = `0`; i < `8`; i++)
251	WPA_PUT_BE32(out + (`4` * i), md->state[i]);
252	return `0`;
253	}
254	/ ===== end - public domain SHA256 implementation ===== /
255
256	#endif
257
258	void Curl_sha256it(unsigned char outbuffer, /* 32 unsigned chars /
259	const unsigned char *input)
260	{
261	SHA256_CTX ctx;
262	SHA256_Init(&ctx);
263	SHA256_Update(&ctx, input, curlx_uztoui(strlen((char *)input)));
264	SHA256_Final(outbuffer, &ctx);
265	}
266
267	#endif /* CURL_DISABLE_CRYPTO_AUTH */
268

Browse the source code of Curl/lib/sha256.c