@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.1.1.1 2014/03/05 05:09:44 agc Exp $
+# $NetBSD: Makefile,v 1.2 2015/02/12 01:57:57 agc Exp $
 
-DISTNAME=		multigest-20140303
+DISTNAME=		multigest-20150211
 CATEGORIES=		security
 MASTER_SITES=		# not used
 DISTFILES=		# not used

@@ -311,7 +311,7 @@
 	int i;
 
 	for (i = 0; i < 16; ++i) {
-		m[i] = load64(block + i * sizeof(m[i]));
+		m[i] = load64(block + (sizeof(m[i]) * (uint64_t)i));
 	}
 	for (i = 0; i < 8; ++i) {
 		v[i] = S->h[i];
@@ -412,7 +412,7 @@
 	blake2b_compress(S, S->buf);
 	for (i = 0; i < 8; ++i) {
 		/* Output full hash to temp buffer */ 
-		store64(buffer + sizeof(S->h[i]) * i, S->h[i]);
+		store64(buffer + (sizeof(S->h[i]) * (uint64_t)i), S->h[i]);
 	}
 	memcpy(out, buffer, outlen);
 	return 0;

@@ -540,9 +540,9 @@
 			p_buf += 4;
 		} else {
 			crc ^= *p_buf++;
-			crc ^= (*p_buf++) << 8;
-			crc ^= (*p_buf++) << 16;
-			crc ^= (*p_buf++) << 24;
+			crc ^= (uint32_t)(*p_buf++) << 8;
+			crc ^= (uint32_t)(*p_buf++) << 16;
+			crc ^= (uint32_t)(*p_buf++) << 24;
 		}
 		term1 = crc_tableil8_o88[crc & 0x000000FF] ^
 		    crc_tableil8_o80[(crc >> 8) & 0x000000FF];

@@ -192,9 +192,9 @@
 
 	if (((*LFSR) & 0x80) != 0) {
 		/* Primitive polynomial over GF(2): x^8+x^6+x^5+x^4+1 */
-		(*LFSR) = ((*LFSR) << 1) ^ 0x71;
+		(*LFSR) = (uint8_t)((*LFSR) << 1) ^ 0x71;
 	} else {
-		(*LFSR) = (*LFSR) << 1;
+		(*LFSR) = (uint8_t)((*LFSR) << 1);
 	}
 	return result;
 }
@@ -208,7 +208,7 @@
 	for (i = 0; i < KECCAK_NUM_ROUNDS; i++) {
 		ctx->RoundConstants[i] = 0;
 		for (j = 0; j < 7; j++) {
-			bitPosition = (1<<j)-1; /*2^j-1 */
+			bitPosition = (unsigned)(1<<j)-1; /*2^j-1 */
 			if (LFSR86540(&LFSRstate)) {
 				ctx->RoundConstants[i] ^= (uint64_t)1<<bitPosition;
 			}
@@ -298,7 +298,7 @@
 				absorb_queue(ctx);
 			}
 			if (partialByte > 0) {
-				uint8_t mask = (1 << partialByte)-1;
+				uint8_t mask = (uint8_t)((1 << partialByte)-1);
 				ctx->dataQueue[ctx->bitsInQueue/8] = data[(unsigned long)i/8] & mask;
 				ctx->bitsInQueue += partialByte;
 				i += partialByte;
@@ -313,14 +313,14 @@
 {
 	/* Note: the bits are numbered from 0=LSB to 7=MSB */
 	if (ctx->bitsInQueue + 1 == ctx->rate) {
-		ctx->dataQueue[ctx->bitsInQueue/8 ] |= 1 << (ctx->bitsInQueue % 8);
+		ctx->dataQueue[ctx->bitsInQueue/8 ] |= (uint8_t)(1 << (ctx->bitsInQueue % 8));
 		absorb_queue(ctx);
 		memset(ctx->dataQueue, 0, ctx->rate/8);
 	} else {
 		memset(ctx->dataQueue + (ctx->bitsInQueue+7)/8, 0, ctx->rate/8 - (ctx->bitsInQueue+7)/8);
-		ctx->dataQueue[ctx->bitsInQueue/8 ] |= 1 << (ctx->bitsInQueue % 8);
+		ctx->dataQueue[ctx->bitsInQueue/8 ] |= (uint8_t)(1 << (ctx->bitsInQueue % 8));
 	}
-	ctx->dataQueue[(ctx->rate-1)/8] |= 1 << ((ctx->rate-1) % 8);
+	ctx->dataQueue[(ctx->rate-1)/8] |= (uint8_t)(1 << ((ctx->rate-1) % 8));
 	absorb_queue(ctx);
 	memcpy(ctx->dataQueue, ctx->state, ctx->rate/8);
 	ctx->bitsAvailableForSqueezing = ctx->rate;
@@ -381,7 +381,7 @@
 	default:
 		return BAD_HASHLEN;
 	}
-	ctx->fixedOutputLength = hashbitlen;
+	ctx->fixedOutputLength = (uint32_t)hashbitlen;
 	return SUCCESS;
 }
 
@@ -398,7 +398,7 @@
 		uint8_t lastByte; 
 
 		/* Align the last partial byte to the least significant bits */
-		lastByte = data[(unsigned long)databitlen/8] >> (8 - (databitlen % 8));
+		lastByte = (uint8_t)(data[(unsigned long)databitlen/8] >> (8 - (databitlen % 8)));
 		return absorb((KECCAK_CTX*)ctx, &lastByte, databitlen % 8);
 	}
 	return ret;

@@ -1,6 +1,6 @@
-.\" $NetBSD: libmultigest.3,v 1.1.1.1 2014/03/05 05:09:44 agc Exp $
+.\" $NetBSD: libmultigest.3,v 1.2 2015/02/12 01:57:57 agc Exp $
 .\"
-.\" Copyright (c) 2013,2014 Alistair Crooks <agc@NetBSD.org>
+.\" Copyright (c) 2013,2014,2015 Alistair Crooks <agc@NetBSD.org>
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd March 3, 2014
+.Dd February 11, 2015
 .Dt LIBMULTIGEST 3
 .Os
 .Sh NAME
@@ -47,7 +47,7 @@
 .Fc
 .Ft void
 .Fo multigest_update
-.Fa "multigest_t *mg" "const char *data" "size_t length"
+.Fa "multigest_t *mg" "const void *data" "size_t length"
 .Fc
 .Ft void
 .Fo multigest_final
@@ -55,7 +55,7 @@
 .Fc
 .Ft "uint8_t *"
 .Fo multigest_data
-.Fa "const char *algorithms" "const char *data" "size_t length"
+.Fa "const char *algorithms" "const void *data" "size_t length"
 .Fa "const unsigned char *rawoutput" "const char *substregex"
 .Fa "const char *replacement"
 .Fc
@@ -123,6 +123,14 @@
 WHIRLPOOL
 .Ed
 .Pp
+In addition, a number of hash combiner functions are defined:
+.Bd -literal -offset indent
+CONCAT
+HASH
+XOR
+COMB4P
+.Ed
+.Pp
 The
 .Dv crc32c
 checksum is a simple, lightweight checksum, as found in SCTP and iSCSI.
@@ -154,6 +162,49 @@
 Digest names are provided to the initialisation function in a comma-separated
 list of names.
 .Pp
+The combiner functions define how the individual digests will be combined
+in the finalisation stage.
+They have different qualities, and different uses.
+.Pp
+The
+.Dq CONCAT
+algorithm, the default, simply concatenates the digests in the output.
+It is useful when collision resistance is needed, but not pre-image resistance,
+second pre-image resistance or PRF functionality.
+.Pp
+The
+.Dq Comb4P
+combiner should be used when collision resistance is needed,
+or as a PRF, where target-collision resistance is needed, or
+as a MAC.
+However, this combiner is not as efficient as the other combiner algorithms,
+requiring more CPU cycles.
+.Pp
+The
+.Dq XOR
+combiner xors the first two digests together.
+This is useful as a PRF, but not where
+collision resistance is needed.
+.Pp
+Finally, the
+.Dq HASH
+combiner takes the output of the second digest's
+finalisation routine, and passes that as an update to the current state of
+the first digest, and then finalises the multigest.
+This is useful where pre-image resistance is needed,
+but should not be used if collision resistance is needed.
+.Pp
+If less than two digest algorithms are provided in conjunction
+with a combiner function, a zero multigest will result.
+In addition, if the
+.Dq XOR
+combiner is given the same digest function as input, a zero
+multigest will result.
+The
+.Dq Comb4P
+combiner should be given two digests of the same size,
+or a zero multigest will result.
+.Pp
 There are two interfaces to the
 .Nm
 library, one using the lower-level functions
@@ -197,6 +248,6 @@
 The
 .Nm
 library first appeared in
-.Nx 7.0 .
+.Nx 8.0 .
 .Sh AUTHORS
 .An Alistair Crooks Aq Mt agc@NetBSD.org .

@@ -41,12 +41,12 @@
 static int
 do_input(const char *alg, uint8_t *raw, const char *pat, const char *repl)
 {
+	ssize_t	 rc;
 	size_t	 cc;
-	size_t	 rc;
 	char	*data;
 
 	if ((data = calloc(1, MB(4))) != NULL) {
-		for (cc = 0 ; cc < MB(4) ; cc += rc) {
+		for (cc = 0 ; cc < MB(4) ; cc += (size_t)rc) {
 			if ((rc = read(fileno(stdin), &data[cc], MB(4) - cc)) <= 0) {
 				break;
 			}
@@ -110,11 +110,11 @@
 		return 0;
 	}
 	fstat(fileno(fp), &st);
-	if ((in = calloc(1, st.st_size + 1)) == NULL) {
+	if ((in = calloc(1, (size_t)(st.st_size + 1))) == NULL) {
 		fclose(fp);
 		return 0;
 	}
-	read(fileno(fp), in, st.st_size);
+	read(fileno(fp), in, (size_t)(st.st_size));
 	in[st.st_size] = 0x0;
 	fclose(fp);
 	if (regexec(&r, in, 10, match, 0) != 0) {
@@ -129,7 +129,7 @@
 	getsubst(subs, from, sizeof(from), to, sizeof(to));
 	multigest_file(alg, file, raw, from, to);
 	multigest_format_hex(raw, alg, calc, sizeof(calc));
-	if ((ret = memcmp(calc, provided, match[4].rm_eo - match[4].rm_so)) != 0) {
+	if ((ret = memcmp(calc, provided, (size_t)(match[4].rm_eo - match[4].rm_so))) != 0) {
 		fprintf(stderr, "multigest: provided digest:   '%s', calculated digest: '%s'\n", provided, calc);
 	}
 	regfree(&r);

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2013 Alistair Crooks <agc@NetBSD.org>
+ * Copyright (c) 2013,2015 Alistair Crooks <agc@NetBSD.org>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -86,232 +86,248 @@
 /*****/
 
 static void
-wrap_sha1_init(void *v)
+wrap_md5_init(void *v)
 {
-	SHA1Init(v);
+	MD5Init(v);
 }
 
 static void
-wrap_md5_init(void *v)
+wrap_md5_update(void *v, const void *data, unsigned len)
 {
-	MD5Init(v);
+	MD5Update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_sha256_init(void *v)
+wrap_md5_final(uint8_t *raw, void *v)
 {
-	SHA256_Init(v);
+	MD5Final(raw, v);
 }
 
+/*****/
+
 static void
-wrap_sha512_init(void *v)
+wrap_sha1_init(void *v)
 {
-	SHA512_Init(v);
+	SHA1Init(v);
 }
 
 static void
-wrap_rmd160_init(void *v)
+wrap_sha1_update(void *v, const void *data, unsigned len)
 {
-	RMD160Init(v);
+	SHA1Update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_crc32c_init(void *v)
+wrap_sha1_final(uint8_t *raw, void *v)
 {
-	crc32c_init(v);
+	SHA1Final(raw, v);
 }
 
+/*****/
+
 static void
-wrap_tiger_init(void *v)
+wrap_sha256_init(void *v)
 {
-	TIGER_Init(v);
+	SHA256_Init(v);
 }
 
 static void
-wrap_tiger2_init(void *v)
+wrap_sha256_update(void *v, const void *data, unsigned len)
 {
-	TIGER2_Init(v);
+	SHA256_Update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_blake2_init(void *v)
+wrap_sha256_final(uint8_t *raw, void *v)
 {
-	blake2b_init(v, 64);
+	SHA256_Final(raw, v);
 }
 
+/*****/
+
 static void
-wrap_whirlpool_init(void *v)
+wrap_sha512_init(void *v)
 {
-	whirlpool_init(v);
+	SHA512_Init(v);
 }
 
 static void
-wrap_keccak224_init(void *v)
+wrap_sha512_update(void *v, const void *data, unsigned len)
 {
-	KECCAK_Init(v, 224);
+	SHA512_Update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_keccak256_init(void *v)
+wrap_sha512_final(uint8_t *raw, void *v)
 {
-	KECCAK_Init(v, 256);
+	SHA512_Final(raw, v);
 }
 
+/*****/
+
 static void
-wrap_keccak384_init(void *v)
+wrap_rmd160_init(void *v)
 {
-	KECCAK_Init(v, 384);
+	RMD160Init(v);
 }
 
 static void
-wrap_keccak512_init(void *v)
+wrap_rmd160_update(void *v, const void *data, unsigned len)
 {
-	KECCAK_Init(v, 512);
+	RMD160Update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_size_init(void *v)
+wrap_rmd160_final(uint8_t *raw, void *v)
 {
-	memset(v, 0x0, sizeof(uint64_t));
+	RMD160Final(raw, v);
 }
 
 /*****/
 
 static void
-wrap_md5_update(void *v, const char *data, unsigned len)
+wrap_crc32c_init(void *v)
 {
-	MD5Update(v, (const uint8_t *)data, len);
+	crc32c_init(v);
 }
 
 static void
-wrap_sha1_update(void *v, const char *data, unsigned len)
+wrap_crc32c_update(void *v, const void *data, unsigned len)
 {
-	SHA1Update(v, (const uint8_t *)data, len);
+	crc32c_update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_sha256_update(void *v, const char *data, unsigned len)
+wrap_crc32c_final(uint8_t *raw, void *v)
 {
-	SHA256_Update(v, (const uint8_t *)data, len);
+	crc32c_final((ctx32_t *)(void *)raw, v);
 }
 
-static void
-wrap_sha512_update(void *v, const char *data, unsigned len)
-{
-	SHA512_Update(v, (const uint8_t *)data, len);
-}
+/*****/
 
 static void
-wrap_rmd160_update(void *v, const char *data, unsigned len)
+wrap_tiger_init(void *v)
 {
-	RMD160Update(v, (const uint8_t *)data, len);
+	TIGER_Init(v);
 }
 
 static void
-wrap_crc32c_update(void *v, const char *data, unsigned len)
+wrap_tiger2_init(void *v)
 {
-	crc32c_update(v, (const uint8_t *)data, len);
+	TIGER2_Init(v);
 }
 
 static void
-wrap_tiger_update(void *v, const char *data, unsigned len)
+wrap_tiger_update(void *v, const void *data, unsigned len)
 {
 	TIGER_Update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_blake2_update(void *v, const char *data, unsigned len)
+wrap_tiger_final(uint8_t *raw, void *v)
 {
-	blake2b_update(v, (const uint8_t *)data, (uint64_t)len);
+	TIGER_Final(raw, v);
 }
 
+/*****/
+
 static void
-wrap_whirlpool_update(void *v, const char *data, unsigned len)
+wrap_blake2_init(void *v)
 {
-	whirlpool_update(v, (const uint8_t *)data, len);
+	blake2b_init(v, 64);
 }
 
 static void
-wrap_keccak_update(void *v, const char *data, unsigned len)
+wrap_blake2_update(void *v, const void *data, unsigned len)
 {
-	/* number of bits for keccak */
-	KECCAK_Update(v, (const uint8_t *)data, (uint64_t)(len * 8));
+	blake2b_update(v, (const uint8_t *)data, (uint64_t)len);
 }
 
 static void
-wrap_size_update(void *v, const char *data, unsigned len)
+wrap_blake2_final(uint8_t *raw, void *v)
 {
-	uint64_t	n;
-
-	USE_ARG(data);
-	memcpy(&n, v, sizeof(n));
-	n += len;
-	memcpy(v, &n, sizeof(n));
+	blake2b_final(v, raw, 64);
 }
 
 /*****/
 
 static void
-wrap_sha1_final(uint8_t *raw, void *v)
+wrap_whirlpool_init(void *v)
 {
-	SHA1Final(raw, v);
+	whirlpool_init(v);
 }
 
 static void
-wrap_sha256_final(uint8_t *raw, void *v)
+wrap_whirlpool_update(void *v, const void *data, unsigned len)
 {
-	SHA256_Final(raw, v);
+	whirlpool_update(v, (const uint8_t *)data, len);
 }
 
 static void
-wrap_sha512_final(uint8_t *raw, void *v)
+wrap_whirlpool_final(uint8_t *raw, void *v)
 {
-	SHA512_Final(raw, v);
+	whirlpool_finalize((char *)raw, v);
 }
 
+/*****/
+
 static void
-wrap_rmd160_final(uint8_t *raw, void *v)
+wrap_keccak224_init(void *v)
 {
-	RMD160Final(raw, v);
+	KECCAK_Init(v, 224);
 }
 
 static void
-wrap_md5_final(uint8_t *raw, void *v)
+wrap_keccak256_init(void *v)
 {
-	MD5Final(raw, v);
+	KECCAK_Init(v, 256);
 }
 
 static void
-wrap_crc32c_final(uint8_t *raw, void *v)
+wrap_keccak384_init(void *v)
 {
-	crc32c_final((ctx32_t *)(void *)raw, v);
+	KECCAK_Init(v, 384);
 }
 
 static void
-wrap_tiger_final(uint8_t *raw, void *v)
+wrap_keccak512_init(void *v)
 {
-	TIGER_Final(raw, v);
+	KECCAK_Init(v, 512);
 }
 
 static void
-wrap_blake2_final(uint8_t *raw, void *v)
+wrap_keccak_update(void *v, const void *data, unsigned len)
 {
-	blake2b_final(v, raw, 64);
+	/* number of bits for keccak */
+	KECCAK_Update(v, (const uint8_t *)data, (uint64_t)(len * 8));
 }
 
 static void
-wrap_whirlpool_final(uint8_t *raw, void *v)
+wrap_keccak_final(uint8_t *raw, void *v)
 {
-	whirlpool_finalize((char *)raw, v);
+	KECCAK_Final(v, raw);
 }
 
+/*****/
+
 static void
-wrap_keccak_final(uint8_t *raw, void *v)
+wrap_size_init(void *v)
 {
-	KECCAK_Final(v, raw);
+	memset(v, 0x0, sizeof(uint64_t));
 }
 
 static void
+wrap_size_update(void *v, const void *data, unsigned len)
+{
+	uint64_t	n;
+
+	USE_ARG(data);
+	memcpy(&n, v, sizeof(n));
+	n += len;
+	memcpy(v, &n, sizeof(n));
+}
+
+static void
 wrap_size_final(uint8_t *raw, void *v)
 {
 	const int	indian = 1;
@@ -332,6 +348,34 @@
 
 /*****/
 
+static void
+wrap_null_init(void *v)
+{
+	USE_ARG(v);
+}
+
+static void
+wrap_null_update(void *v, const void *data, unsigned len)
+{
+	USE_ARG(v);
+	USE_ARG(data);
+	USE_ARG(len);
+}
+
+static void
+wrap_null_final(uint8_t *raw, void *v)
+{
+	USE_ARG(raw);
+	USE_ARG(v);
+}
+
+/*****/
+
+#define COMBINE_CONCAT		0x0
+#define COMBINE_COMB4P		0x1
+#define COMBINE_HASH		0x2
+#define COMBINE_XOR		0x3
+
 /* digest algorithm struct */
 typedef struct Alg {
 	const char	*name;		/* digest name */
@@ -341,30 +385,38 @@
 	mg_initfunc_t	 init;		/* digest init function */
 	mg_updatefunc_t	 update;	/* digest update function */
 	mg_finalfunc_t	 final;		/* digest final function */
+	uint32_t	 combiner;	/* combination type */
 } Alg;
 
 static const Alg	algs[] = {
-	{ "MD5",	3, sizeof(MD5_CTX), 	16, wrap_md5_init, wrap_md5_update, wrap_md5_final },
-	{ "SHA1",	4, sizeof(SHA1_CTX), 	20, wrap_sha1_init, wrap_sha1_update, wrap_sha1_final },
-	{ "SHA256",	6, sizeof(SHA256_CTX), 	32, wrap_sha256_init, wrap_sha256_update, wrap_sha256_final },
-	{ "SHA512",	6, sizeof(SHA512_CTX), 	64, wrap_sha512_init, wrap_sha512_update, wrap_sha512_final },
-	{ "BLAKE2",	6, sizeof(BLAKE2_CTX),	64, wrap_blake2_init, wrap_blake2_update, wrap_blake2_final },
-	{ "RMD160",	6, sizeof(RMD160_CTX), 	20, wrap_rmd160_init, wrap_rmd160_update, wrap_rmd160_final },
-	{ "RIPEMD160",	9, sizeof(RMD160_CTX), 	20, wrap_rmd160_init, wrap_rmd160_update, wrap_rmd160_final },
-	{ "CRC32C",	6, sizeof(ctx32_t), 	4,  wrap_crc32c_init, wrap_crc32c_update, wrap_crc32c_final },
-	{ "TIGER2",	6, sizeof(TIGER_CTX), 	24, wrap_tiger2_init, wrap_tiger_update, wrap_tiger_final },
-	{ "TIGER",	5, sizeof(TIGER_CTX), 	24, wrap_tiger_init, wrap_tiger_update, wrap_tiger_final },
-	{ "WHIRLPOOL",	9, sizeof(whirlpool_context_t), 64, wrap_whirlpool_init, wrap_whirlpool_update, wrap_whirlpool_final },
-	{ "SHA3-224",	8, sizeof(KECCAK_CTX),	28, wrap_keccak224_init, wrap_keccak_update, wrap_keccak_final },
-	{ "SHA3-256",	8, sizeof(KECCAK_CTX),	32, wrap_keccak256_init, wrap_keccak_update, wrap_keccak_final },
-	{ "SHA3-384",	8, sizeof(KECCAK_CTX),	48, wrap_keccak384_init, wrap_keccak_update, wrap_keccak_final },
-	{ "SHA3-512",	8, sizeof(KECCAK_CTX),	64, wrap_keccak512_init, wrap_keccak_update, wrap_keccak_final },
-	{ "KECCAK-224",	10, sizeof(KECCAK_CTX),	28, wrap_keccak224_init, wrap_keccak_update, wrap_keccak_final },
-	{ "KECCAK-256",	10, sizeof(KECCAK_CTX),	32, wrap_keccak256_init, wrap_keccak_update, wrap_keccak_final },
-	{ "KECCAK-384",	10, sizeof(KECCAK_CTX),	48, wrap_keccak384_init, wrap_keccak_update, wrap_keccak_final },
-	{ "KECCAK-512",	10, sizeof(KECCAK_CTX),	64, wrap_keccak512_init, wrap_keccak_update, wrap_keccak_final },
-	{ "SIZE",	4, sizeof(uint64_t),	8, wrap_size_init, wrap_size_update, wrap_size_final },
-	{ NULL, 0, 0, 0, NULL, NULL, NULL}
+	{ "MD5",	3, sizeof(MD5_CTX), 	16, wrap_md5_init, wrap_md5_update, wrap_md5_final, 0 },
+	{ "SHA1",	4, sizeof(SHA1_CTX), 	20, wrap_sha1_init, wrap_sha1_update, wrap_sha1_final, 0 },
+	{ "SHA256",	6, sizeof(SHA256_CTX), 	32, wrap_sha256_init, wrap_sha256_update, wrap_sha256_final, 0 },
+	{ "SHA512",	6, sizeof(SHA512_CTX), 	64, wrap_sha512_init, wrap_sha512_update, wrap_sha512_final, 0 },
+	{ "BLAKE2",	6, sizeof(BLAKE2_CTX),	64, wrap_blake2_init, wrap_blake2_update, wrap_blake2_final, 0 },
+	{ "RMD160",	6, sizeof(RMD160_CTX), 	20, wrap_rmd160_init, wrap_rmd160_update, wrap_rmd160_final, 0 },
+	{ "RIPEMD160",	9, sizeof(RMD160_CTX), 	20, wrap_rmd160_init, wrap_rmd160_update, wrap_rmd160_final, 0 },
+	{ "CRC32C",	6, sizeof(ctx32_t), 	4,  wrap_crc32c_init, wrap_crc32c_update, wrap_crc32c_final, 0 },
+	{ "TIGER2",	6, sizeof(TIGER_CTX), 	24, wrap_tiger2_init, wrap_tiger_update, wrap_tiger_final, 0 },
+	{ "TIGER",	5, sizeof(TIGER_CTX), 	24, wrap_tiger_init, wrap_tiger_update, wrap_tiger_final, 0 },
+	{ "WHIRLPOOL",	9, sizeof(whirlpool_context_t), 64, wrap_whirlpool_init, wrap_whirlpool_update, wrap_whirlpool_final, 0 },
+	{ "SHA3-224",	8, sizeof(KECCAK_CTX),	28, wrap_keccak224_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "SHA3-256",	8, sizeof(KECCAK_CTX),	32, wrap_keccak256_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "SHA3-384",	8, sizeof(KECCAK_CTX),	48, wrap_keccak384_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "SHA3-512",	8, sizeof(KECCAK_CTX),	64, wrap_keccak512_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "KECCAK-224",	10, sizeof(KECCAK_CTX),	28, wrap_keccak224_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "KECCAK-256",	10, sizeof(KECCAK_CTX),	32, wrap_keccak256_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "KECCAK-384",	10, sizeof(KECCAK_CTX),	48, wrap_keccak384_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "KECCAK-512",	10, sizeof(KECCAK_CTX),	64, wrap_keccak512_init, wrap_keccak_update, wrap_keccak_final, 0 },
+	{ "SIZE",	4, sizeof(uint64_t),	8, wrap_size_init, wrap_size_update, wrap_size_final, 0 },
+	{ "COMBCONCAT",	10, 0,			0, wrap_null_init, wrap_null_update, wrap_null_final, COMBINE_CONCAT },
+	{ "CONCAT",	6, 0,			0, wrap_null_init, wrap_null_update, wrap_null_final, COMBINE_CONCAT },
+	{ "COMB4P",	6, 0,			0, wrap_null_init, wrap_null_update, wrap_null_final, COMBINE_COMB4P },
+	{ "COMBHASH",	8, 0,			0, wrap_null_init, wrap_null_update, wrap_null_final, COMBINE_HASH },
+	{ "HASH",	4, 0,			0, wrap_null_init, wrap_null_update, wrap_null_final, COMBINE_HASH },
+	{ "COMBXOR",	7, 0,			0, wrap_null_init, wrap_null_update, wrap_null_final, COMBINE_XOR },
+	{ "XOR",	3, 0,			0, wrap_null_init, wrap_null_update, wrap_null_final, COMBINE_XOR },
+	{ NULL, 0, 0, 0, NULL, NULL, NULL, 0}
 };
 
 /* find an algorithm in the table above */
@@ -393,16 +445,18 @@
 	*from = 0;
 	while (multigest->r && len > 0) {
 		match[0].rm_so = *from;
-		match[0].rm_eo = len;
+		match[0].rm_eo = (regoff_t)len;
 		if (regexec(multigest->r, data, 2, match, REG_STARTEND) != 0) {
 			break;
 		}
 		for (d = multigest->digs, i = 0 ; i < multigest->digc ; i++, d++) {
-			(*d->update)(&multigest->ctx[d->ctxoff], &data[*from],
-				(unsigned)(match[0].rm_so - *from));
-			if (multigest->repllen) {
-				(*d->update)(&multigest->ctx[d->ctxoff], multigest->repl,
-					multigest->repllen);
+			if (d->rawsize) {
+				(*d->update)(&multigest->ctx[d->ctxoff], &data[*from],
+					(unsigned)(match[0].rm_so - *from));
+				if (multigest->repllen) {
+					(*d->update)(&multigest->ctx[d->ctxoff], multigest->repl,
+						multigest->repllen);
+				}
 			}
 		}
 		*from = match[0].rm_eo;
@@ -413,6 +467,64 @@
 	return 1;
 }
 
+/* xor the contents of two buffers together */
+static void
+xorbuf(uint8_t *out, uint8_t *in1, uint8_t *in2, size_t size)
+{
+	uint32_t	j;
+
+	for (j = 0 ; j < size ; j++) {
+		out[j] = in1[j] ^ in2[j];
+	}
+}
+
+/* a round of comb4p combination */
+static int
+comb4p_round(multigest_t *m, uint8_t *out, uint8_t *in, multigest_dig_t *d1, multigest_dig_t *d2, uint32_t r)
+{
+	const int	 indian = 1;
+	uint32_t	 b2;
+	uint32_t	 b4;
+	uint8_t		 h1[4096];
+	uint8_t		 h2[4096];
+
+	if (*(const char *)(const void *)&indian) {
+		/* little endian - convert to bg endian) */
+		b2 = (r & 0x00ff0000);
+		b4 = (r & 0x000000ff);
+		r = (r & 0xff00ff00) | (b2 >> 16) | (b4 << 16);
+	}
+	(*d1->update)(&m->ctx[d1->ctxoff], (const char *)&r, sizeof(r));
+	(*d2->update)(&m->ctx[d2->ctxoff], (const char *)&r, sizeof(r));
+	(*d1->update)(&m->ctx[d1->ctxoff], (const char *)in, (unsigned)d1->rawsize);
+	(*d2->update)(&m->ctx[d2->ctxoff], (const char *)in, (unsigned)d2->rawsize);
+	(*d1->final)(h1, &m->ctx[d1->ctxoff]);
+	xorbuf(out, out, h1, d1->rawsize);
+	(*d2->final)(h2, &m->ctx[d2->ctxoff]);
+	xorbuf(out, out, h2, d2->rawsize);
+	return 1;
+}
+
+/* point d1 and d2 at the first 2 digests found */
+static int
+find_digests(multigest_t *m, multigest_dig_t **d1, multigest_dig_t **d2)
+{
+	multigest_dig_t	*d;
+	uint32_t	 i;
+
+	*d1 = *d2 = NULL;
+	for (d = m->digs, i = 0 ; i < m->digc ; i++, d++) {
+		if (d->rawsize) {
+			if (*d1) {
+				*d2 = d;
+				return 1;
+			}
+			*d1 = d;
+		}
+	}
+	return 0;
+}
+
 /***************************************************************************/
 
 /* create a new struct and return it */
@@ -427,6 +539,8 @@
 multigest_init(multigest_t *multigest, const char *algname)
 {
 	multigest_dig_t	*d;
+	multigest_dig_t	*d1;
+	multigest_dig_t	*d2;
 	const Alg	*alg;
 	uint32_t	 ctxoff;
 	uint32_t	 i;
@@ -444,6 +558,9 @@
 				fprintf(stderr, "no such algorithm '%.10s'\n", algname);
 				break;
 			}
+			if (alg->combiner) {
+				multigest->combiner = alg->combiner;
+			}
 			if (ctxoff + alg->ctxsize >= multigest->ctxsize) {
 				if ((newv = realloc(multigest->ctx, multigest->ctxsize + 4096)) == NULL) {
 					fprintf(stderr, "multigest_init: allocation issues\n");
@@ -466,6 +583,32 @@
 			}
 			multigest->digc += 1;
 		}
+		switch (multigest->combiner) {
+		case COMBINE_CONCAT:
+			multigest->outsize = multigest->rawsize;
+			break;
+		case COMBINE_COMB4P:
+			if (!find_digests(multigest, &d1, &d2)) {
+				fprintf(stderr, "multigest: comb4p < 2 digests\n");
+				return 0;
+			}
+			multigest->outsize = d1->rawsize * 2;
+			break;
+		case COMBINE_XOR:
+			if (!find_digests(multigest, &d1, &d2)) {
+				fprintf(stderr, "multigest: xor < 2 digests\n");
+				return 0;
+			}
+			multigest->outsize = d1->rawsize;
+			break;
+		case COMBINE_HASH:
+			if (!find_digests(multigest, &d1, &d2)) {
+				fprintf(stderr, "multigest: hash < 2 digests\n");
+				return 0;
+			}
+			multigest->outsize = d1->rawsize;
+			break;
+		}
 		return 1;
 	}
 	fprintf(stderr, "!multigest || !algname\n");
@@ -493,50 +636,94 @@
 
 /* update the digest with the input */
 void
-multigest_update(multigest_t *multigest, const char *data, size_t len)
+multigest_update(multigest_t *multigest, const void *vdata, size_t len)
 {
 	multigest_dig_t	*d;
+	const char	*data = (const char *)vdata;
 	uint32_t	 i;
 	int64_t	 	 from;
 
 	if (multigest && data) {
 		normalise(multigest, data, len, &from);
 		for (d = multigest->digs, i = 0 ; i < multigest->digc ; i++, d++) {
-			(*d->update)(&multigest->ctx[d->ctxoff], &data[from], (unsigned)(len - from));
+			if (d->rawsize) {
+				(*d->update)(&multigest->ctx[d->ctxoff], &data[from], (unsigned)(len - (unsigned)from));
+			}
 		}
 	}
 }
 
 /* finalise the digest */
 void
-multigest_final(multigest_t *multigest, uint8_t *raw)
+multigest_final(multigest_t *m, uint8_t *raw)
 {
-	multigest_dig_t	*d;
+	multigest_dig_t	*d1;
+	multigest_dig_t	*d2;
 	uint32_t	 rawoff;
 	uint32_t	 i;
+	uint8_t		 h1[4096];
+	uint8_t		 h2[4096];
 
-	if (multigest && raw) {
-		rawoff = 0;
-		for (d = multigest->digs, i = 0 ; i < multigest->digc ; i++, d++) {
-			(*d->final)(&raw[rawoff], &multigest->ctx[d->ctxoff]);
-			rawoff += (uint32_t)d->rawsize;
+	if (m && raw) {
+		switch(m->combiner) {
+		case COMBINE_COMB4P:
+			if (!find_digests(m, &d1, &d2)) {
+				return;
+			}
+			memset(h1, 0x0, sizeof(h1));
+			memset(h2, 0x0, sizeof(h2));
+			(*d1->final)(h1, &m->ctx[d1->ctxoff]);
+			(*d2->final)(h2, &m->ctx[d2->ctxoff]);
+			xorbuf(h1, h1, h2, d2->rawsize);
+			comb4p_round(m, h2, h1, d1, d2, 1); 
+			comb4p_round(m, h1, h2, d1, d2, 2); 
+			memcpy(raw, h1, d1->rawsize);
+			memcpy(&raw[d1->rawsize], h2, d2->rawsize);
+			break;
+		case COMBINE_CONCAT:
+			rawoff = 0;
+			for (d1 = m->digs, i = 0 ; i < m->digc ; i++, d1++) {
+				if (d1->rawsize) {
+					(*d1->final)(&raw[rawoff], &m->ctx[d1->ctxoff]);
+					rawoff += (uint32_t)d1->rawsize;
+				}
+			}
+			break;
+		case COMBINE_HASH:
+			if (!find_digests(m, &d1, &d2)) {
+				return;
+			}
+			(*d2->final)(h2, &m->ctx[d2->ctxoff]);
+			(*d1->update)(&m->ctx[d1->ctxoff], h2, (unsigned)d1->rawsize);
+			(*d1->final)(raw, &m->ctx[d1->ctxoff]);
+			break;
+		case COMBINE_XOR:
+			if (!find_digests(m, &d1, &d2)) {
+				return;
+			}
+			(*d2->final)(h2, &m->ctx[d2->ctxoff]);
+			(*d1->final)(h1, &m->ctx[d1->ctxoff]);
+			xorbuf(raw, h1, h2, m->outsize);
+			break;
+		default:
+			break;
 		}
 	}
 }
 
 /* run sed on data and then digest it */
 uint8_t *
-multigest_data(const char *alg, const char *data, size_t size, uint8_t *raw, const char *pat, const char *repl)
+multigest_data(const char *alg, const void *data, size_t size, uint8_t *raw, const char *pat, const char *repl)
 {
-	multigest_t	s;
+	multigest_t	m;
 
 	if (data && alg && raw) {
-		memset(&s, 0x0, sizeof(s));
-		multigest_init(&s, alg);
-		multigest_add_subst(&s, pat, repl);
-		multigest_update(&s, data, size);
-		multigest_final(&s, raw);
-		multigest_free(&s);
+		memset(&m, 0x0, sizeof(m));
+		multigest_init(&m, alg);
+		multigest_add_subst(&m, pat, repl);
+		multigest_update(&m, data, size);
+		multigest_final(&m, raw);
+		multigest_free(&m);
 		return raw;
 	}
 	return NULL;
@@ -549,6 +736,7 @@
 	static const char	*hexes = "0123456789abcdef";
 	const char		*p[2];
 	const char		*i;
+	uint8_t			 num;
 	char			*o;
 
 	for (i = in, o = out ; (size_t)(o - out) < osize - 1 && (size_t)(i - in) < isize && *i ; o++) {
@@ -557,7 +745,8 @@
 			    (p[1] = strchr(hexes, i[2])) == NULL) {
 				break;
 			}
-			*o = ((char)(p[0] - hexes) * 16) + (p[1] - hexes);
+			num = (uint8_t)((p[0] - hexes) << 4) | (uint8_t)(p[1] - hexes);
+			*o = (char)num;
 			i += 3;
 		} else {
 			*o = *i++;
@@ -586,14 +775,14 @@
 			algname += 1;
 		}
 	}
-	return (int)(rawsize + rawsize + 1);
+	return (int)(rawsize + rawsize);
 }
 
 /* return the size of output array we'll need */
 uint32_t
 multigest_get_rawsize(multigest_t *multigest)
 {
-	return (multigest) ? (uint32_t)multigest->rawsize : 0;
+	return (multigest) ? (uint32_t)multigest->outsize : 0;
 }
 
 /* return the size of output array we'll need for the alg names */
@@ -637,6 +826,7 @@
 	const char *f, const char *sub, const char *sep, const char *format)
 {
 	const Alg	*alg;
+	size_t		 outsize;
 	size_t		 rawsize;
 	size_t		 i;
 	FILE		*fp;
@@ -665,16 +855,19 @@
 			fprintf(fp, ") = ");
 		}
 	}
-	for (rawsize = 0 ; *algname ; rawsize += alg->rawsize) {
+	outsize = multigest_algs_rawsize(algname);
+	for (rawsize = 0 ; *algname && rawsize < outsize ; rawsize += alg->rawsize) {
 		if ((alg = findalg(algname)) == NULL) {
 			break;
 		}
-		for (i = 0 ; i < alg->rawsize ; i++) {
-			fprintf(fp, "%02hhx", raw[rawsize + i]);
+		if (!alg->combiner) {
+			for (i = 0 ; i < alg->rawsize ; i++) {
+				fprintf(fp, "%02hhx", raw[rawsize + i]);
+			}
+			if (sep) {
+				fprintf(fp, "%s", sep);
+			}
 		}
-		if (sep) {
-			fprintf(fp, "%s", sep);
-		}
 		algname += alg->namelen;
 		if (*algname == ',') {
 			algname += 1;
@@ -708,11 +901,11 @@
 			return 0;
 		}
 		fstat(fileno(fp), &st);
-		size = st.st_size;
+		size = (size_t)st.st_size;
 		mapped = mmap(NULL, size, PROT_READ, MAP_SHARED, fileno(fp), 0);
 		if (mapped == MAP_FAILED) {
 			mapped = calloc(1, MB(1));
-			for (cc = 0 ; cc < size ; cc += rc) {
+			for (cc = 0 ; cc < size ; cc += (size_t)rc) {
 				if ((rc = read(fileno(fp), mapped, MB(1))) <= 0) {
 					break;
 				}
@@ -724,7 +917,7 @@
 			munmap(mapped, size);
 		}
 		fclose(fp);
-                multigest_final(&m, raw);
+		multigest_final(&m, raw);
                 multigest_free(&m);
 		return raw;
 	}

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2014 Alistair Crooks <agc@NetBSD.org>
+ * Copyright (c) 2014,2015 Alistair Crooks <agc@NetBSD.org>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -23,14 +23,14 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifndef MULTIGEST_H_
-#define MULTIGEST_H_	20140304
+#define MULTIGEST_H_	20150211
 
 #include <sys/types.h>
 
 #include <inttypes.h>
 
 typedef void	(*mg_initfunc_t)(void *);
-typedef void	(*mg_updatefunc_t)(void *, const char *, unsigned);
+typedef void	(*mg_updatefunc_t)(void *, const void *, unsigned);
 typedef void	(*mg_finalfunc_t)(uint8_t *, void *);
 
 #define MG_MAX_DIG	32
@@ -56,6 +56,8 @@
 	uint8_t		*ctx;		/* digest contexts */
 	uint32_t	 digc;		/* # of digests */
 	multigest_dig_t	 digs[MG_MAX_DIG];	/* digest algorithms being used */
+	uint32_t	 combiner;	/* when finalising, combination algorithm */
+	size_t		 outsize;	/* output size of digest - combiners may change this */
 } multigest_t;
 
 #ifndef __BEGIN_DECLS
@@ -77,12 +79,12 @@
 /* low-level interface */
 int multigest_init(multigest_t */*multigest*/, const char */*alg*/);
 int multigest_add_subst(multigest_t */*multigest*/, const char */*from*/, const char */*to*/);
-void multigest_update(multigest_t */*multigest*/, const char */*data*/, size_t /*len*/);
+void multigest_update(multigest_t */*multigest*/, const void */*data*/, size_t /*len*/);
 void multigest_final(multigest_t */*multigest*/, uint8_t */*raw*/);
 uint32_t multigest_get_rawsize(multigest_t */*multigest*/);
 
 /* high-level interface */
-uint8_t *multigest_data(const char */*alg*/, const char */*data*/, size_t /*size*/, uint8_t */*raw*/, const char */*pat*/, const char */*repl*/);
+uint8_t *multigest_data(const char */*alg*/, const void */*data*/, size_t /*size*/, uint8_t */*raw*/, const char */*pat*/, const char */*repl*/);
 uint8_t *multigest_file(const char */*alg*/, const char */*f*/, uint8_t */*raw*/, const char */*pat*/, const char */*repl*/);
 uint32_t multigest_algs_rawsize(const char */*algs*/);
 

@@ -1,4 +1,4 @@
-/*	$NetBSD: rmd160.c,v 1.1.1.1 2014/03/05 05:09:44 agc Exp $	*/
+/*	$NetBSD: rmd160.c,v 1.2 2015/02/12 01:57:57 agc Exp $	*/
 
 /********************************************************************\
  *
@@ -430,10 +430,10 @@
 	if (digest != NULL) {
 		for (i = 0; i < 20; i += 4) {
 			/* extracts the 8 least significant bits. */
-			digest[i]     =  context->state[i>>2];
-			digest[i + 1] = (context->state[i>>2] >>  8);
-			digest[i + 2] = (context->state[i>>2] >> 16);
-			digest[i + 3] = (context->state[i>>2] >> 24);
+			digest[i]     =  (uint8_t)context->state[i>>2];
+			digest[i + 1] = (uint8_t)(context->state[i>>2] >>  8);
+			digest[i + 2] = (uint8_t)(context->state[i>>2] >> 16);
+			digest[i + 3] = (uint8_t)(context->state[i>>2] >> 24);
 		}
 	}
 }

@@ -1,4 +1,4 @@
-/*	$NetBSD: sha1.c,v 1.1.1.1 2014/03/05 05:09:44 agc Exp $	*/
+/*	$NetBSD: sha1.c,v 1.2 2015/02/12 01:57:57 agc Exp $	*/
 /*	$OpenBSD: sha1.c,v 1.9 1997/07/23 21:12:32 kstailey Exp $	*/
 
 /*
@@ -225,8 +225,8 @@
     _DIAGASSERT(data != 0);
 
     j = context->count[0];
-    if ((context->count[0] += len << 3) < j)
-	context->count[1] += (len>>29)+1;
+    if ((context->count[0] += (uint32_t)(len << 3)) < j)
+	context->count[1] += (uint32_t)((len>>29)+1);
     j = (j >> 3) & 63;
     if ((j + len) > 63) {
 	i = 64 - j;

@@ -819,7 +819,7 @@
 	for (; j < 56; j++) {
 		u.temp8[j] = 0;
 	}
-	((uint64_t *)(void *)(&(u.temp8[56])))[0] = ((uint64_t)length) << 3;
+	u.temp64[7] = ((uint64_t)length) << 3;
 	tiger_compress(u.temp64, ctx->ctx);
 }
 

@@ -1453,7 +1453,7 @@
     /*
      * tally the length of the added data:
      */
-    u64 value = sourceBits;
+    u64 value = (u64)sourceBits;
     for (i = 31, carry = 0; i >= 0 && (carry != 0 || value != LL(0)); i--) {
         carry += bitLength[i] + ((u32)value & 0xff);
         bitLength[i] = (u8)carry;
@@ -1485,7 +1485,7 @@
              */
             bufferBits = bufferPos = 0;
         }
-        buffer[bufferPos] = b << (8 - bufferRem);
+        buffer[bufferPos] = (u8)(b << (8 - bufferRem));
         bufferBits += bufferRem;
         /*
          * proceed to remaining data:
@@ -1501,7 +1501,7 @@
         /*
          * process the remaining bits:
          */
-        buffer[bufferPos] |= b >> bufferRem;
+        buffer[bufferPos] |= (u8)(b >> bufferRem);
     } else {
         b = 0;
     }
@@ -1531,7 +1531,7 @@
              */
             bufferBits = bufferPos = 0;
         }
-        buffer[bufferPos] = b << (8 - bufferRem);
+        buffer[bufferPos] = (u8)(b << (8 - bufferRem));
         bufferBits += (int)sourceBits;
     }
     structpointer->bufferBits   = bufferBits;
@@ -1556,14 +1556,14 @@
     /*
      * append a '1'-bit:
      */
-    buffer[bufferPos] |= 0x80U >> (bufferBits & 7);
+    buffer[bufferPos] |= (u8)(0x80U >> (bufferBits & 7));
     bufferPos++; /* all remaining bits on the current u8 are set to zero. */
     /*
      * pad with zero bits to complete (N*WHIRLPOOL_WBLOCK_BITS - WHIRLPOOL_LENGTH_BITS) bits:
      */
     if (bufferPos > WHIRLPOOL_WBLOCK_BYTES - WHIRLPOOL_LENGTH_BYTES) {
         if (bufferPos < WHIRLPOOL_WBLOCK_BYTES) {
-            memset(&buffer[bufferPos], 0, WHIRLPOOL_WBLOCK_BYTES - bufferPos);
+            memset(&buffer[bufferPos], 0, (size_t)(WHIRLPOOL_WBLOCK_BYTES - bufferPos));
         }
         /*
          * process data block:
@@ -1575,7 +1575,7 @@
         bufferPos = 0;
     }
     if (bufferPos < WHIRLPOOL_WBLOCK_BYTES - WHIRLPOOL_LENGTH_BYTES) {
-        memset(&buffer[bufferPos], 0, (WHIRLPOOL_WBLOCK_BYTES - WHIRLPOOL_LENGTH_BYTES) - bufferPos);
+        memset(&buffer[bufferPos], 0, (size_t)((WHIRLPOOL_WBLOCK_BYTES - WHIRLPOOL_LENGTH_BYTES) - bufferPos));
     }
     bufferPos = WHIRLPOOL_WBLOCK_BYTES - WHIRLPOOL_LENGTH_BYTES;
     /*
@@ -1590,14 +1590,14 @@
      * return the completed message digest:
      */
     for (i = 0; i < WHIRLPOOL_DIGEST_BYTES/8; i++) {
-        digest[0] = (u8)(structpointer->hash[i] >> 56);
-        digest[1] = (u8)(structpointer->hash[i] >> 48);
-        digest[2] = (u8)(structpointer->hash[i] >> 40);
-        digest[3] = (u8)(structpointer->hash[i] >> 32);
-        digest[4] = (u8)(structpointer->hash[i] >> 24);
-        digest[5] = (u8)(structpointer->hash[i] >> 16);
-        digest[6] = (u8)(structpointer->hash[i] >>  8);
-        digest[7] = (u8)(structpointer->hash[i]      );
+        digest[0] = (char)(structpointer->hash[i] >> 56);
+        digest[1] = (char)(structpointer->hash[i] >> 48);
+        digest[2] = (char)(structpointer->hash[i] >> 40);
+        digest[3] = (char)(structpointer->hash[i] >> 32);
+        digest[4] = (char)(structpointer->hash[i] >> 24);
+        digest[5] = (char)(structpointer->hash[i] >> 16);
+        digest[6] = (char)(structpointer->hash[i] >>  8);
+        digest[7] = (char)(structpointer->hash[i]      );
         digest += 8;
     }
     structpointer->bufferBits   = bufferBits;