search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
vfs: check userland buffers before reading them.
[haiku.git] / src / system / libroot / posix / crypt / SHA256.cpp
blobb15c45475286ec2c3acabd2c84866a16fcdd7cfa
1 /*
2 * Copyright 2008, Ingo Weinhold, ingo_weinhold@gmx.de.
3 * Distributed under the terms of the MIT License.
4 */
5
6
7 #include "SHA256.h"
8
9 #include <stdio.h>
10 #include <string.h>
11
12 #include <ByteOrder.h>
13
14
15 namespace BPrivate {
16
17
18 static const uint32 kChunkSize = 64; // 64 bytes == 512 bits
19
20 static const uint32 kRounds[64] = {
21 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
22 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
23 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
24 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
25 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
26 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
27 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
28 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
29 };
30 static const uint32 kHash[8] = {
31 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
32 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
33 };
34
35
36 static inline uint32
37 rotate_right(uint32 value, int bits)
38 {
39 return (value >> bits) | (value << (32 - bits));
40 }
41
42
43 // #pragma mark -
44
45
46 SHA256::SHA256()
47 {
48 Init();
49 }
50
51
52 SHA256::~SHA256()
53 {
54 }
55
56
57 void
58 SHA256::Init()
59 {
60 memcpy(fHash, kHash, sizeof(kHash));
61
62 fBytesInBuffer = 0;
63 fMessageSize = 0;
64 fDigested = false;
65 }
66
67
68 void
69 SHA256::Update(const void* _buffer, size_t size)
70 {
71 const uint8* buffer = (const uint8*)_buffer;
72 fMessageSize += size;
73
74 while (fBytesInBuffer + size >= kChunkSize) {
75 size_t toCopy = kChunkSize - fBytesInBuffer;
76 memcpy((uint8*)fBuffer + fBytesInBuffer, buffer, toCopy);
77 buffer += toCopy;
78 size -= toCopy;
79
80 _ProcessChunk();
81 fBytesInBuffer = 0;
82 }
83
84 if (size > 0) {
85 memcpy((uint8*)fBuffer + fBytesInBuffer, buffer, size);
86 fBytesInBuffer += size;
87 }
88 }
89
90
91 const uint8*
92 SHA256::Digest()
93 {
94 if (!fDigested) {
95 // We need to append a 1 bit, append padding with 0 bits, and append
96 // the message size in bits (64 bit big-endian int), so that the whole
97 // is chunk-aligned. So we either have to process one last chunk or two
98 // chunks.
99
100 // append the 1 bit
101 ((uint8*)fBuffer)[fBytesInBuffer] = 0x80;
102 fBytesInBuffer++;
103
104 // if the message size doesn't fit anymore, we pad the chunk and
105 // process it
106 if (fBytesInBuffer > kChunkSize - 8) {
107 memset((uint8*)fBuffer + fBytesInBuffer, 0,
108 kChunkSize - fBytesInBuffer);
109 _ProcessChunk();
110 fBytesInBuffer = 0;
111 }
112
113 // pad the buffer
114 if (fBytesInBuffer < kChunkSize - 8) {
115 memset((uint8*)fBuffer + fBytesInBuffer, 0,
116 kChunkSize - 8 - fBytesInBuffer);
117 }
118
119 // write the (big-endian) message size in bits
120 uint64* target = (uint64*)((uint8*)fBuffer + kChunkSize - 8);
121 *target = B_HOST_TO_BENDIAN_INT64((uint64)fMessageSize * 8);
122
123 _ProcessChunk();
124
125 // set digest
126 for (int i = 0; i < 8; i++)
127 fDigest[i] = B_HOST_TO_BENDIAN_INT32(fHash[i]);
128
129 fDigested = true;
130 }
131
132 return (uint8*)fDigest;
133 }
134
135
136 void
137 SHA256::_ProcessChunk()
138 {
139 // convert endianess -- the data are supposed to be a stream of
140 // 32 bit big-endian integers
141 #if B_HOST_IS_LENDIAN
142 for (int i = 0; i < (int)kChunkSize / 4; i++)
143 fBuffer[i] = B_SWAP_INT32(fBuffer[i]);
144 #endif
145
146 // pre-process buffer (extend to 64 elements)
147 for (int i = 16; i < 64; i++) {
148 uint32 v0 = fBuffer[i - 15];
149 uint32 v1 = fBuffer[i - 2];
150 uint32 s0 = rotate_right(v0, 7) ^ rotate_right(v0, 18) ^ (v0 >> 3);
151 uint32 s1 = rotate_right(v1, 17) ^ rotate_right(v1, 19) ^ (v1 >> 10);
152 fBuffer[i] = fBuffer[i - 16] + s0 + fBuffer[i - 7] + s1;
153 }
154
155 uint32 a = fHash[0];
156 uint32 b = fHash[1];
157 uint32 c = fHash[2];
158 uint32 d = fHash[3];
159 uint32 e = fHash[4];
160 uint32 f = fHash[5];
161 uint32 g = fHash[6];
162 uint32 h = fHash[7];
163
164 // process the buffer
165 for (int i = 0; i < 64; i++) {
166 uint32 s0 = rotate_right(a, 2) ^ rotate_right(a, 13)
167 ^ rotate_right(a, 22);
168 uint32 maj = (a & b) ^ (a & c) ^ (b & c);
169 uint32 t2 = s0 + maj;
170 uint32 s1 = rotate_right(e, 6) ^ rotate_right(e, 11)
171 ^ rotate_right(e, 25);
172 uint32 ch = (e & f) ^ (~e & g);
173 uint32 t1 = h + s1 + ch + kRounds[i] + fBuffer[i];
174
175 h = g;
176 g = f;
177 f = e;
178 e = d + t1;
179 d = c;
180 c = b;
181 b = a;
182 a = t1 + t2;
183 }
184
185 fHash[0] += a;
186 fHash[1] += b;
187 fHash[2] += c;
188 fHash[3] += d;
189 fHash[4] += e;
190 fHash[5] += f;
191 fHash[6] += g;
192 fHash[7] += h;
193 }
194
195
196 } // namespace BPrivate
Clone of Haiku svn repository