| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: sha2.c,v 1.8 2011/11/08 18:20:03 joerg Exp $ */ | | 1 | /* $NetBSD: sha2.c,v 1.9 2023/09/04 19:51:19 jperkin Exp $ */ |
2 | /* $KAME: sha2.c,v 1.9 2003/07/20 00:28:38 itojun Exp $ */ | | 2 | /* $KAME: sha2.c,v 1.9 2003/07/20 00:28:38 itojun Exp $ */ |
3 | | | 3 | |
4 | /* | | 4 | /* |
5 | * sha2.c | | 5 | * sha2.c |
6 | * | | 6 | * |
7 | * Version 1.0.0beta1 | | 7 | * Version 1.0.0beta1 |
8 | * | | 8 | * |
9 | * Written by Aaron D. Gifford <me@aarongifford.com> | | 9 | * Written by Aaron D. Gifford <me@aarongifford.com> |
10 | * | | 10 | * |
11 | * Copyright 2000 Aaron D. Gifford. All rights reserved. | | 11 | * Copyright 2000 Aaron D. Gifford. All rights reserved. |
12 | * | | 12 | * |
13 | * Redistribution and use in source and binary forms, with or without | | 13 | * Redistribution and use in source and binary forms, with or without |
14 | * modification, are permitted provided that the following conditions | | 14 | * modification, are permitted provided that the following conditions |
| @@ -558,27 +558,28 @@ void SHA256_Final(sha2_byte digest[], SH | | | @@ -558,27 +558,28 @@ void SHA256_Final(sha2_byte digest[], SH |
558 | SHA256_Transform(context, (sha2_word32*)(void *)context->buffer); | | 558 | SHA256_Transform(context, (sha2_word32*)(void *)context->buffer); |
559 | | | 559 | |
560 | /* And set-up for the last transform: */ | | 560 | /* And set-up for the last transform: */ |
561 | memset(context->buffer, 0, (size_t)(SHA256_SHORT_BLOCK_LENGTH)); | | 561 | memset(context->buffer, 0, (size_t)(SHA256_SHORT_BLOCK_LENGTH)); |
562 | } | | 562 | } |
563 | } else { | | 563 | } else { |
564 | /* Set-up for the last transform: */ | | 564 | /* Set-up for the last transform: */ |
565 | memset(context->buffer, 0, (size_t)(SHA256_SHORT_BLOCK_LENGTH)); | | 565 | memset(context->buffer, 0, (size_t)(SHA256_SHORT_BLOCK_LENGTH)); |
566 | | | 566 | |
567 | /* Begin padding with a 1 bit: */ | | 567 | /* Begin padding with a 1 bit: */ |
568 | *context->buffer = 0x80; | | 568 | *context->buffer = 0x80; |
569 | } | | 569 | } |
570 | /* Set the bit count: */ | | 570 | /* Set the bit count: */ |
571 | *(sha2_word64*)(void *)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; | | 571 | memcpy(&context->buffer[SHA256_SHORT_BLOCK_LENGTH], |
| | | 572 | &context->bitcount, sizeof(context->bitcount)); |
572 | | | 573 | |
573 | /* Final transform: */ | | 574 | /* Final transform: */ |
574 | SHA256_Transform(context, (sha2_word32*)(void *)context->buffer); | | 575 | SHA256_Transform(context, (sha2_word32*)(void *)context->buffer); |
575 | | | 576 | |
576 | #if BYTE_ORDER == LITTLE_ENDIAN | | 577 | #if BYTE_ORDER == LITTLE_ENDIAN |
577 | { | | 578 | { |
578 | /* Convert TO host byte order */ | | 579 | /* Convert TO host byte order */ |
579 | int j; | | 580 | int j; |
580 | for (j = 0; j < 8; j++) { | | 581 | for (j = 0; j < 8; j++) { |
581 | REVERSE32(context->state[j],context->state[j]); | | 582 | REVERSE32(context->state[j],context->state[j]); |
582 | *d++ = context->state[j]; | | 583 | *d++ = context->state[j]; |
583 | } | | 584 | } |
584 | } | | 585 | } |
| @@ -861,28 +862,30 @@ static void SHA512_Last(SHA512_CTX* cont | | | @@ -861,28 +862,30 @@ static void SHA512_Last(SHA512_CTX* cont |
861 | SHA512_Transform(context, (sha2_word64*)(void *)context->buffer); | | 862 | SHA512_Transform(context, (sha2_word64*)(void *)context->buffer); |
862 | | | 863 | |
863 | /* And set-up for the last transform: */ | | 864 | /* And set-up for the last transform: */ |
864 | memset(context->buffer, 0, (size_t)(SHA512_BLOCK_LENGTH - 2)); | | 865 | memset(context->buffer, 0, (size_t)(SHA512_BLOCK_LENGTH - 2)); |
865 | } | | 866 | } |
866 | } else { | | 867 | } else { |
867 | /* Prepare for final transform: */ | | 868 | /* Prepare for final transform: */ |
868 | memset(context->buffer, 0, (size_t)(SHA512_SHORT_BLOCK_LENGTH)); | | 869 | memset(context->buffer, 0, (size_t)(SHA512_SHORT_BLOCK_LENGTH)); |
869 | | | 870 | |
870 | /* Begin padding with a 1 bit: */ | | 871 | /* Begin padding with a 1 bit: */ |
871 | *context->buffer = 0x80; | | 872 | *context->buffer = 0x80; |
872 | } | | 873 | } |
873 | /* Store the length of input data (in bits): */ | | 874 | /* Store the length of input data (in bits): */ |
874 | *(sha2_word64*)(void *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1]; | | 875 | memcpy(&context->buffer[SHA512_SHORT_BLOCK_LENGTH], |
875 | *(sha2_word64*)(void *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; | | 876 | &context->bitcount[1], sizeof(context->bitcount[1])); |
| | | 877 | memcpy(&context->buffer[SHA512_SHORT_BLOCK_LENGTH + 8], |
| | | 878 | &context->bitcount[0], sizeof(context->bitcount[0])); |
876 | | | 879 | |
877 | /* Final transform: */ | | 880 | /* Final transform: */ |
878 | SHA512_Transform(context, (sha2_word64*)(void *)context->buffer); | | 881 | SHA512_Transform(context, (sha2_word64*)(void *)context->buffer); |
879 | } | | 882 | } |
880 | | | 883 | |
881 | void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) { | | 884 | void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) { |
882 | sha2_word64 *d = (void *)digest; | | 885 | sha2_word64 *d = (void *)digest; |
883 | | | 886 | |
884 | /* Sanity check: */ | | 887 | /* Sanity check: */ |
885 | assert(context != (SHA512_CTX*)0); | | 888 | assert(context != (SHA512_CTX*)0); |
886 | | | 889 | |
887 | /* If no digest buffer is passed, we don't bother doing this: */ | | 890 | /* If no digest buffer is passed, we don't bother doing this: */ |
888 | if (digest != (sha2_byte*)0) { | | 891 | if (digest != (sha2_byte*)0) { |