1//
2// SHA2Engine.cpp
3//
4// Library: Foundation
5// Package: Crypt
6// Module: SHA2Engine
7//
8// Code of class SHA2Engine.
9//
10// Secure Hash Standard SHA-2 algorithm
11// (FIPS 180-4, see http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf)
12//
13// Based on the implementation of mbed TLS (Apache 2.0)
14// http://www.apache.org/licenses/LICENSE-2.0
15//
16// Copyright (c) 2017, Applied Informatics Software Engineering GmbH
17// and Contributors.
18//
19// SPDX-License-Identifier: BSL-1.0
20//
21
22#include "Poco/SHA2Engine.h"
23#include <string.h>
24
25namespace Poco {
26
27typedef struct
28{
29 union
30 {
31 Poco::UInt32 total32[4];
32 Poco::UInt64 total64[2];
33 } total;
34 union
35 {
36 Poco::UInt32 state32[16];
37 Poco::UInt64 state64[8];
38 } state;
39 SHA2Engine::ALGORITHM size;
40 unsigned char buffer[128];
41} HASHCONTEXT;
42static const Poco::UInt32 K32[] =
43{
44 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
45 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
46 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
47 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
48 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
49 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
50 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
51 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
52 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
53 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
54 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
55 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
56 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
57 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
58 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
59 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
60};
61#if defined(_MSC_VER) || defined(__WATCOMC__)
62#define UL64(x) x##ui64
63#else
64#define UL64(x) x##ULL
65#endif
66static const Poco::UInt64 K64[80] =
67{
68 UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD),
69 UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC),
70 UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019),
71 UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118),
72 UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE),
73 UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2),
74 UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1),
75 UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694),
76 UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3),
77 UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65),
78 UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483),
79 UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5),
80 UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210),
81 UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4),
82 UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725),
83 UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70),
84 UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926),
85 UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF),
86 UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8),
87 UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B),
88 UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001),
89 UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30),
90 UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910),
91 UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8),
92 UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53),
93 UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8),
94 UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB),
95 UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3),
96 UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60),
97 UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC),
98 UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9),
99 UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B),
100 UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207),
101 UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178),
102 UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6),
103 UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B),
104 UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493),
105 UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C),
106 UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A),
107 UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
108};
109static const unsigned char padding[128] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
110#define SHR32(x,n) ((x & 0xFFFFFFFF) >> n)
111#define SHR64(x,n) (x >> n)
112#define ROTR32(x,n) (SHR32(x,n) | (x << (32 - n)))
113#define ROTR64(x,n) (SHR64(x,n) | (x << (64 - n)))
114#define S320(x) (ROTR32(x, 7) ^ ROTR32(x,18) ^ SHR32(x, 3))
115#define S321(x) (ROTR32(x,17) ^ ROTR32(x,19) ^ SHR32(x,10))
116#define S322(x) (ROTR32(x, 2) ^ ROTR32(x,13) ^ ROTR32(x,22))
117#define S323(x) (ROTR32(x, 6) ^ ROTR32(x,11) ^ ROTR32(x,25))
118#define S640(x) (ROTR64(x, 1) ^ ROTR64(x, 8) ^ SHR64(x, 7))
119#define S641(x) (ROTR64(x,19) ^ ROTR64(x,61) ^ SHR64(x, 6))
120#define S642(x) (ROTR64(x,28) ^ ROTR64(x,34) ^ ROTR64(x,39))
121#define S643(x) (ROTR64(x,14) ^ ROTR64(x,18) ^ ROTR64(x,41))
122#define F320(x,y,z) ((x & y) | (z & (x | y)))
123#define F321(x,y,z) (z ^ (x & (y ^ z)))
124#define F640(x,y,z) ((x & y) | (z & (x | y)))
125#define F641(x,y,z) (z ^ (x & (y ^ z)))
126#define R32(t) (W[t] = S321(W[t - 2]) + W[t - 7] + S320(W[t - 15]) + W[t - 16])
127#define P32(a,b,c,d,e,f,g,h,x,K) \
128{ \
129 temp1 = h + S323(e) + F321(e,f,g) + K + x; \
130 temp2 = S322(a) + F320(a,b,c); \
131 d += temp1; h = temp1 + temp2; \
132}
133#define P64(a,b,c,d,e,f,g,h,x,K) \
134{ \
135 temp1 = h + S643(e) + F641(e,f,g) + K + x; \
136 temp2 = S642(a) + F640(a,b,c); \
137 d += temp1; h = temp1 + temp2; \
138}
139#ifdef POCO_ARCH_BIG_ENDIAN
140#ifndef GET_UINT32
141#define GET_UINT32(n,b,i) \
142do { \
143 (n) = ( (Poco::UInt32) (b)[(i) ] ) \
144 | ( (Poco::UInt32) (b)[(i) + 1] << 8 ) \
145 | ( (Poco::UInt32) (b)[(i) + 2] << 16 ) \
146 | ( (Poco::UInt32) (b)[(i) + 3] << 24 ); \
147} while( 0 )
148#endif
149#ifndef PUT_UINT32
150#define PUT_UINT32(n,b,i) \
151do { \
152 (b)[(i) ] = (unsigned char) ( (n) ); \
153 (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
154 (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
155 (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
156} while( 0 )
157#endif
158#ifndef GET_UINT64
159#define GET_UINT64(n,b,i) \
160{ \
161 (n) = ( (Poco::UInt64) (b)[(i) ] ) \
162 | ( (Poco::UInt64) (b)[(i) + 1] << 8 ) \
163 | ( (Poco::UInt64) (b)[(i) + 2] << 16 ) \
164 | ( (Poco::UInt64) (b)[(i) + 3] << 24 ) \
165 | ( (Poco::UInt64) (b)[(i) + 4] << 32 ) \
166 | ( (Poco::UInt64) (b)[(i) + 5] << 40 ) \
167 | ( (Poco::UInt64) (b)[(i) + 6] << 48 ) \
168 | ( (Poco::UInt64) (b)[(i) + 7] << 56 ); \
169}
170#endif
171#ifndef PUT_UINT64
172#define PUT_UINT64(n,b,i) \
173{ \
174 (b)[(i) ] = (unsigned char) ( (n) ); \
175 (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
176 (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
177 (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
178 (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \
179 (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \
180 (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \
181 (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \
182}
183#endif
184#else
185#ifndef GET_UINT32
186#define GET_UINT32(n,b,i) \
187do { \
188 (n) = ( (Poco::UInt32) (b)[(i) ] << 24 ) \
189 | ( (Poco::UInt32) (b)[(i) + 1] << 16 ) \
190 | ( (Poco::UInt32) (b)[(i) + 2] << 8 ) \
191 | ( (Poco::UInt32) (b)[(i) + 3] ); \
192} while( 0 )
193#endif
194#ifndef PUT_UINT32
195#define PUT_UINT32(n,b,i) \
196do { \
197 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
198 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
199 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
200 (b)[(i) + 3] = (unsigned char) ( (n) ); \
201} while( 0 )
202#endif
203#ifndef GET_UINT64
204#define GET_UINT64(n,b,i) \
205{ \
206 (n) = ( (Poco::UInt64) (b)[(i) ] << 56 ) \
207 | ( (Poco::UInt64) (b)[(i) + 1] << 48 ) \
208 | ( (Poco::UInt64) (b)[(i) + 2] << 40 ) \
209 | ( (Poco::UInt64) (b)[(i) + 3] << 32 ) \
210 | ( (Poco::UInt64) (b)[(i) + 4] << 24 ) \
211 | ( (Poco::UInt64) (b)[(i) + 5] << 16 ) \
212 | ( (Poco::UInt64) (b)[(i) + 6] << 8 ) \
213 | ( (Poco::UInt64) (b)[(i) + 7] ); \
214}
215#endif
216#ifndef PUT_UINT64
217#define PUT_UINT64(n,b,i) \
218{ \
219 (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \
220 (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \
221 (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \
222 (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \
223 (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \
224 (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \
225 (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \
226 (b)[(i) + 7] = (unsigned char) ( (n) ); \
227}
228#endif
229#endif
230
231SHA2Engine::SHA2Engine(ALGORITHM algorithm)
232 : _context(NULL),
233 _algorithm(algorithm)
234{
235 _digest.reserve(digestLength());
236 reset();
237}
238
239SHA2Engine::~SHA2Engine()
240{
241 reset();
242 free(_context);
243}
244
245void _sha256_process(HASHCONTEXT* pContext, const unsigned char data[64])
246{
247 unsigned int i;
248 Poco::UInt32 temp1, temp2, temp3[8], W[64];
249 for (i = 0; i < 8; i++) temp3[i] = pContext->state.state32[i];
250 for (i = 0; i < 16; i++) { GET_UINT32(W[i], data, 4 * i); }
251 for (i = 0; i < 16; i += 8)
252 {
253 P32(temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], W[i + 0], K32[i + 0]);
254 P32(temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], W[i + 1], K32[i + 1]);
255 P32(temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], W[i + 2], K32[i + 2]);
256 P32(temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], W[i + 3], K32[i + 3]);
257 P32(temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], W[i + 4], K32[i + 4]);
258 P32(temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], W[i + 5], K32[i + 5]);
259 P32(temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], W[i + 6], K32[i + 6]);
260 P32(temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], W[i + 7], K32[i + 7]);
261 }
262 for (i = 16; i < 64; i += 8)
263 {
264 P32(temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], R32(i + 0), K32[i + 0]);
265 P32(temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], R32(i + 1), K32[i + 1]);
266 P32(temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], R32(i + 2), K32[i + 2]);
267 P32(temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], R32(i + 3), K32[i + 3]);
268 P32(temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], R32(i + 4), K32[i + 4]);
269 P32(temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], R32(i + 5), K32[i + 5]);
270 P32(temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], R32(i + 6), K32[i + 6]);
271 P32(temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], R32(i + 7), K32[i + 7]);
272 }
273 for (i = 0; i < 8; i++) pContext->state.state32[i] += temp3[i];
274}
275
276void _sha512_process(HASHCONTEXT* pContext, const unsigned char data[128])
277{
278 int i;
279 Poco::UInt64 temp1, temp2, temp3[8], W[80];
280 for (i = 0; i < 16; i++) { GET_UINT64(W[i], data, i << 3); }
281 for (; i < 80; i++) { W[i] = S641(W[i - 2]) + W[i - 7] + S640(W[i - 15]) + W[i - 16]; }
282 for (i = 0; i < 8; i++) temp3[i] = pContext->state.state64[i];
283 i = 0;
284 do
285 {
286 P64(temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], W[i], K64[i]); i++;
287 P64(temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], W[i], K64[i]); i++;
288 P64(temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], W[i], K64[i]); i++;
289 P64(temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], temp3[4], W[i], K64[i]); i++;
290 P64(temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], temp3[3], W[i], K64[i]); i++;
291 P64(temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], temp3[2], W[i], K64[i]); i++;
292 P64(temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], temp3[1], W[i], K64[i]); i++;
293 P64(temp3[1], temp3[2], temp3[3], temp3[4], temp3[5], temp3[6], temp3[7], temp3[0], W[i], K64[i]); i++;
294 } while (i < 80);
295 for (i = 0; i < 8; i++) pContext->state.state64[i] += temp3[i];
296}
297
298void SHA2Engine::updateImpl(const void* buffer_, std::size_t count)
299{
300 if (_context == NULL || buffer_ == NULL || count == 0) return;
301 Poco::UInt32 left = 0;
302 HASHCONTEXT* pContext = (HASHCONTEXT*)_context;
303 unsigned char* data = (unsigned char*)buffer_;
304 if (pContext->size > SHA_256)
305 {
306 left = (Poco::UInt32)(pContext->total.total64[0] & 0x7F);
307 size_t fill = 128 - left;
308 pContext->total.total64[0] += (Poco::UInt64)count;
309 if (pContext->total.total64[0] < (Poco::UInt64)count) pContext->total.total64[1]++;
310 if (left && count >= fill)
311 {
312 memcpy((void *)(pContext->buffer + left), data, fill);
313 _sha512_process(pContext, pContext->buffer);
314 data += fill;
315 count -= fill;
316 left = 0;
317 }
318 while (count >= 128)
319 {
320 _sha512_process(pContext, data);
321 data += 128;
322 count -= 128;
323 }
324 }
325 else
326 {
327 left = (Poco::UInt32)(pContext->total.total32[0] & 0x3F);
328 size_t fill = 64 - left;
329 pContext->total.total32[0] += (Poco::UInt32)count;
330 pContext->total.total32[0] &= 0xFFFFFFFF;
331 if (pContext->total.total32[0] < (Poco::UInt32)count) pContext->total.total32[1]++;
332 if (left && count >= fill)
333 {
334 memcpy((void *)(pContext->buffer + left), data, fill);
335 _sha256_process(pContext, pContext->buffer);
336 data += fill;
337 count -= fill;
338 left = 0;
339 }
340 while (count >= 64)
341 {
342 _sha256_process(pContext, data);
343 data += 64;
344 count -= 64;
345 }
346 }
347 if (count > 0) memcpy((void *)(pContext->buffer + left), data, count);
348}
349
350std::size_t SHA2Engine::digestLength() const
351{
352 return (size_t)((int)_algorithm / 8);
353}
354
355void SHA2Engine::reset()
356{
357 if (_context != NULL) free(_context);
358 _context = calloc(1, sizeof(HASHCONTEXT));
359 HASHCONTEXT* pContext = (HASHCONTEXT*)_context;
360 pContext->size = _algorithm;
361 if (_algorithm == SHA_224)
362 {
363 pContext->state.state32[0] = 0xC1059ED8;
364 pContext->state.state32[1] = 0x367CD507;
365 pContext->state.state32[2] = 0x3070DD17;
366 pContext->state.state32[3] = 0xF70E5939;
367 pContext->state.state32[4] = 0xFFC00B31;
368 pContext->state.state32[5] = 0x68581511;
369 pContext->state.state32[6] = 0x64F98FA7;
370 pContext->state.state32[7] = 0xBEFA4FA4;
371 }
372 else if (_algorithm == SHA_256)
373 {
374 pContext->state.state32[0] = 0x6A09E667;
375 pContext->state.state32[1] = 0xBB67AE85;
376 pContext->state.state32[2] = 0x3C6EF372;
377 pContext->state.state32[3] = 0xA54FF53A;
378 pContext->state.state32[4] = 0x510E527F;
379 pContext->state.state32[5] = 0x9B05688C;
380 pContext->state.state32[6] = 0x1F83D9AB;
381 pContext->state.state32[7] = 0x5BE0CD19;
382 }
383 else if (_algorithm == SHA_384)
384 {
385 pContext->state.state64[0] = UL64(0xCBBB9D5DC1059ED8);
386 pContext->state.state64[1] = UL64(0x629A292A367CD507);
387 pContext->state.state64[2] = UL64(0x9159015A3070DD17);
388 pContext->state.state64[3] = UL64(0x152FECD8F70E5939);
389 pContext->state.state64[4] = UL64(0x67332667FFC00B31);
390 pContext->state.state64[5] = UL64(0x8EB44A8768581511);
391 pContext->state.state64[6] = UL64(0xDB0C2E0D64F98FA7);
392 pContext->state.state64[7] = UL64(0x47B5481DBEFA4FA4);
393 }
394 else
395 {
396 pContext->state.state64[0] = UL64(0x6A09E667F3BCC908);
397 pContext->state.state64[1] = UL64(0xBB67AE8584CAA73B);
398 pContext->state.state64[2] = UL64(0x3C6EF372FE94F82B);
399 pContext->state.state64[3] = UL64(0xA54FF53A5F1D36F1);
400 pContext->state.state64[4] = UL64(0x510E527FADE682D1);
401 pContext->state.state64[5] = UL64(0x9B05688C2B3E6C1F);
402 pContext->state.state64[6] = UL64(0x1F83D9ABFB41BD6B);
403 pContext->state.state64[7] = UL64(0x5BE0CD19137E2179);
404 }
405}
406
407const DigestEngine::Digest& SHA2Engine::digest()
408{
409 _digest.clear();
410 if (_context == NULL) return _digest;
411 HASHCONTEXT* pContext = (HASHCONTEXT*)_context;
412 size_t last, padn;
413 unsigned char hash[64];
414 memset(hash, 0, 64);
415 if (pContext->size > SHA_256)
416 {
417 unsigned char msglen[16];
418 Poco::UInt64 high = (pContext->total.total64[0] >> 61) | (pContext->total.total64[1] << 3);
419 Poco::UInt64 low = (pContext->total.total64[0] << 3);
420 PUT_UINT64(high, msglen, 0);
421 PUT_UINT64(low, msglen, 8);
422 last = (size_t)(pContext->total.total64[0] & 0x7F);
423 padn = (last < 112) ? (112 - last) : (240 - last);
424 updateImpl(padding, padn);
425 updateImpl(msglen, 16);
426 PUT_UINT64(pContext->state.state64[0], hash, 0);
427 PUT_UINT64(pContext->state.state64[1], hash, 8);
428 PUT_UINT64(pContext->state.state64[2], hash, 16);
429 PUT_UINT64(pContext->state.state64[3], hash, 24);
430 PUT_UINT64(pContext->state.state64[4], hash, 32);
431 PUT_UINT64(pContext->state.state64[5], hash, 40);
432 if (pContext->size > SHA_384)
433 {
434 PUT_UINT64(pContext->state.state64[6], hash, 48);
435 PUT_UINT64(pContext->state.state64[7], hash, 56);
436 }
437 }
438 else
439 {
440 unsigned char msglen[8];
441 Poco::UInt32 high = (pContext->total.total32[0] >> 29) | (pContext->total.total32[1] << 3);
442 Poco::UInt32 low = (pContext->total.total32[0] << 3);
443 PUT_UINT32(high, msglen, 0);
444 PUT_UINT32(low, msglen, 4);
445 last = pContext->total.total32[0] & 0x3F;
446 padn = (last < 56) ? (56 - last) : (120 - last);
447 updateImpl(padding, padn);
448 updateImpl(msglen, 8);
449 PUT_UINT32(pContext->state.state32[0], hash, 0);
450 PUT_UINT32(pContext->state.state32[1], hash, 4);
451 PUT_UINT32(pContext->state.state32[2], hash, 8);
452 PUT_UINT32(pContext->state.state32[3], hash, 12);
453 PUT_UINT32(pContext->state.state32[4], hash, 16);
454 PUT_UINT32(pContext->state.state32[5], hash, 20);
455 PUT_UINT32(pContext->state.state32[6], hash, 24);
456 if (pContext->size > SHA_224) PUT_UINT32(pContext->state.state32[7], hash, 28);
457 }
458 _digest.insert(_digest.begin(), hash, hash + digestLength());
459 reset();
460 return _digest;
461}
462
463} // namespace Poco
464